Cybersecurity Awareness Education by Making Ransomware Tangible Securely

Phishing techniques under the Massachusetts Institute of Technology Research and Engineering (MITRE) ATT&CK Framework, along with their offshoots Smishing, Spearphishing, and Whaling, remain prevalent despite widespread security awareness, facilitating ransomware attacks that encrypt data for impact. Ransomware threats expand from single to triple extortion, combining data encryption with threats of auctioning stolen data and launching Distributed Denial of Service (DDoS) attacks. Europol’s Internet Organised Crime Threat Assessment (IOCTA) 2024 underscores the persistent risk of ransomware, a danger often underestimated by organizations.