Ransomware attacks pose a serious threat to global cybersecurity, inflicting severe financial and operational damage on organizations, individuals, and critical infrastructure. Despite their pervasive impact, proactive measures to mitigate ransomware threats remain underdeveloped, with most efforts focused on reactive responses. Moreover, prior literature reveals a significant gap in systematic approaches for predicting such incidents. This research seeks to address this gap by employing time-series analysis to forecast ransomware attacks. Using 1880 ransomware incidents, we decompose the dataset into trend, seasonal, and residual components, fit a time-series model, and forecast future attacks. The results indicate that time-series analysis is useful for uncovering broad, structural patterns in ransomware data. To gain further insight into these results, we perform sub-analyses based on attacks targeting the top five sectors. The findings reveal reasonable predictive performance for ransomware attacks against government facilities and the healthcare and public health sector, with the latter showing an upward trend in attacks. By providing a predictive lens, our model equips organizations with actionable intelligence, enabling preemptive measures and enhanced situational awareness. Finally, this research underscores the importance of integrating time-series forecasting into cybersecurity strategies and seeks to pave the way for future advancements in predictive analytics for cyber threats.
Roumani et al. (Mon,) studied this question.