On the Economics of Ransomware

Aron Laszka, Sadegh Farhang, Jens Grossklags

Research output: Chapter in Book/Report/Conference proceedingConference contribution

36 Scopus citations


While recognized as a theoretical and practical concept for over 20 years, only now ransomware has taken centerstage as one of the most prevalent cybercrimes. Various reports demonstrate the enormous burden placed on companies, which have to grapple with the ongoing attack waves. At the same time, our strategic understanding of the threat and the adversarial interaction between organizations and cybercriminals perpetrating ransomware attacks is lacking. In this paper, we develop, to the best of our knowledge, the first game-theoretic model of the ransomware ecosystem. Our model captures a multi-stage scenario involving organizations from different industry sectors facing a sophisticated ransomware attacker. We place particular emphasis on the decision of companies to invest in backup technologies as part of a contingency plan, and the economic incentives to pay a ransom if impacted by an attack. We further study to which degree comprehensive industry-wide backup investments can serve as a deterrent for ongoing attacks.

Original languageEnglish (US)
Title of host publicationDecision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings
EditorsChristopher Kiekintveld, Stefan Schauer, Bo An, Stefan Rass, Fei Fang
PublisherSpringer Verlag
Number of pages21
ISBN (Print)9783319687100
StatePublished - 2017
Event8th International Conference on Decision and Game Theory for Security, GameSec 2017 - Vienna, Austria
Duration: Oct 23 2017Oct 25 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10575 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other8th International Conference on Decision and Game Theory for Security, GameSec 2017

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'On the Economics of Ransomware'. Together they form a unique fingerprint.

Cite this