Abstract— This research aims to explore and analyze ransomware mitigation strategies, a type of malware that encrypts data and demands a ransom. A literature review was used to collect and analyze data from academic journals, industry reports, and technical publications. The analysis of the literature indicates that prevention strategies such as user education, routine data Backups, and software updates are effective in reducing the risk of attacks. Early detection technologies, including intrusion detection systems and behavior analysis, have proven capable of identifying attacks before significant damage occurs. A swift and coordinated response, involving the isolation of infected systems and forensic analysis, can minimize impact and recovery costs. The research concludes that ransomware mitigation requires a holistic approach encompassing prevention, early detection, and rapid response. The combination of these strategies is effective in reducing damage and recovery costs following a ransomware attack.

[1] M. Ryan, Ransomware Revolution: the rise of a prodigious cyber threat, vol. 85. Springer, 2021.

[2] G. Nagar, “The Evolution of Ransomware: Tactics, Techniques, and Mitigation Strategies,” Val. Int. J. Digit. Libr., pp. 1282–1298, 2024.

[3] R. Richardson and M. M. North, “Ransomware: Evolution, mitigation and prevention,” Int. Manag. Rev., vol. 13, no. 1, p. 10, 2017.

[4] M. Wazid, A. K. Das, J. J. P. C. Rodrigues, S. Shetty, and Y. Park, “IoMT malware detection approaches: analysis and research challenges,” IEEE access, vol. 7, pp. 182459–182476, 2019.

[5] Z. Manjezi and R. A. Botha, “Preventing and Mitigating Ransomware: A Systematic Literature Review,” in Information Security: 17th International Conference, ISSA 2018, Pretoria, South Africa, August 15–16, 2018, Revised Selected Papers 17, 2019, pp. 149–162.

[6] O. Sarker, A. Jayatilaka, S. Haggag, C. Liu, and M. A. Babar, “A Multi-vocal Literature Review on challenges and critical success factors of phishing education, training and awareness,” J. Syst. Softw., vol. 208, p. 111899, 2024.

[7] D. Morato, E. Berrueta, E. Magaña, and M. Izal, “Ransomware early detection by the analysis of file sharing traffic,” J. Netw. Comput. Appl., vol. 124, pp. 14–32, 2018.

[8] S. Maniath, P. Poornachandran, and V. G. Sujadevi, “Survey on prevention, mitigation and containment of ransomware attacks,” in Security in Computing and Communications: 6th International Symposium, SSCC 2018, Bangalore, India, September 19–22, 2018, Revised Selected Papers 6, 2019, pp. 39–52.

[9] J. Beattie and M. Shandrowski, “Cyber-compromised data recovery: The more likely disaster recovery use case,” J. Bus. Contin. Emer. Plan., vol. 15, no. 2, pp. 114–126, 2021.

[10] M. Akbanov, V. G. Vassilakis, and M. D. Logothetis, “Ransomware detection and mitigation using software-defined networking: The case of WannaCry,” Comput. Electr. Eng., vol. 76, pp. 111–121, 2019.

[11] R. D. Hapsari and K. G. Pambayun, “Ancaman cybercrime di indonesia: Sebuah tinjauan pustaka sistematis,” J. Konstituen, vol. 5, no. 1, pp. 1–17, 2023.

[12] F. I. Adristi and E. Ramadhani, “Analisis Dampak Kebocoran Data Pusat Data Nasional Sementara 2 (PDNS 2) Surabaya: Pendekatan Matriks Budaya Keamanan Siber dan Dimensi Budaya Nasional Hofstede,” Sel. Manaj. J. Mhs. Bisnis Manaj., vol. 2, no. 6, pp. 196–212, 2024.

[13] A. M. Maigida, S. M. Abdulhamid, M. Olalere, J. K. Alhassan, H. Chiroma, and E. G. Dada, “Systematic literature review and metadata analysis of ransomware attacks and detection mechanisms,” J. Reliab. Intell. Environ., vol. 5, pp. 67–89, 2019.

[14] H. Kurniawan et al., TEKNIK PENULISAN KARYA ILMIAH: Cara membuat Karya Ilmiah yang baik dan benar. PT. Sonpedia Publishing Indonesia, 2023.

[15] B. A. S. Al-Rimy, M. A. Maarof, and S. Z. M. Shaid, “Ransomware threat success factors, taxonomy, and countermeasures: A survey and research directions,” Comput. Secur., vol. 74, pp. 144–166, 2018.

[16] H. Kallio, A. Pietilä, M. Johnson, and M. Kangasniemi, “Systematic methodological review: developing a framework for a qualitative semi‐structured interview guide,” J. Adv. Nurs., vol. 72, no. 12, pp. 2954–2965, 2016.

[17] S. Askarifar, N. A. A. Rahman, and H. Osman, “A review of latest wannacry ransomware: Actions and preventions,” J. Eng. Sci. Technol, vol. 13, pp. 24–33, 2018.

[18] N. Tambunan et al., “Berita utama tentang error service di Bank Syariah Indonesia (BSI),” Community Dev. J. J. Pengabdi. Masy., vol. 4, no. 2, pp. 5096–5098, 2023.

[19] R. Brewer, “Ransomware attacks: detection, prevention and cure,” Netw. Secur., vol. 2016, no. 9, pp. 5–9, 2016.

[20] D. F. Sittig and H. Singh, “A socio-technical approach to preventing, mitigating, and recovering from ransomware attacks,” Appl. Clin. Inform., vol. 7, no. 02, pp. 624–632, 2016.

[21] Y. Diogenes and E. Ozkaya, Cybersecurity–Attack and Defense Strategies: Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals. Packt Publishing Ltd, 2019.

[22] U. Urooj, B. A. S. Al-rimy, A. Zainal, F. A. Ghaleb, and M. A. Rassam, “Ransomware detection using the dynamic analysis and machine learning: A survey and research directions,” Appl. Sci., vol. 12, no. 1, p. 172, 2021.

[23] V. Szücs, G. Arányi, and Á. Dávid, “Introduction of the ARDS—anti-ransomware defense System model—based on the systematic review of worldwide ransomware attacks,” Appl. Sci., vol. 11, no. 13, p. 6070, 2021.

[24] N. R. Bodlapati, “Analysis of Best Practices for the Prevention of Ransomware Attacks,” 2021.

[25] A. Mukhopadhyay and S. Jain, “A framework for cyber-risk insurance against ransomware: A mixed-method approach,” Int. J. Inf. Manage., vol. 74, p. 102724, 2024.

[26] S. R. Gudimetla, “Ransomware Prevention and Mitigation Strategies,” J. Innov. Technol., vol. 5, no. 1, 2022.

[27] A. Waheed, B. Seegolam, M. F. Jowaheer, C. L. X. Sze, E. T. F. Hua, and S. R. Sindiramutty, “Zero-Day Exploits in Cybersecurity: Case Studies and Countermeasure,” 2024.

[28] G. Ali, M. Ally Dida, and A. Elikana Sam, “Two-factor authentication scheme for mobile money: A review of threat models and countermeasures,” Futur. Internet, vol. 12, no. 10, p. 160, 2020.

[29] M. Karpiuk and J. Kostrubiec, “Activities for Cybersecurity as a Mission of Information Sharing and Analysis Centres,” First Publ. 2022 by, p. 39, 2022.