On the Economics of Ransomware

Aron Laszka; Sadegh Farhang; Jens Grossklags

doi:10.1007/978-3-319-68711-7_21

On the Economics of Ransomware

Aron Laszka, Sadegh Farhang, Jens Grossklags

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

40 Scopus citations

Abstract

While recognized as a theoretical and practical concept for over 20 years, only now ransomware has taken centerstage as one of the most prevalent cybercrimes. Various reports demonstrate the enormous burden placed on companies, which have to grapple with the ongoing attack waves. At the same time, our strategic understanding of the threat and the adversarial interaction between organizations and cybercriminals perpetrating ransomware attacks is lacking. In this paper, we develop, to the best of our knowledge, the first game-theoretic model of the ransomware ecosystem. Our model captures a multi-stage scenario involving organizations from different industry sectors facing a sophisticated ransomware attacker. We place particular emphasis on the decision of companies to invest in backup technologies as part of a contingency plan, and the economic incentives to pay a ransom if impacted by an attack. We further study to which degree comprehensive industry-wide backup investments can serve as a deterrent for ongoing attacks.

Original language	English (US)
Title of host publication	Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings
Editors	Christopher Kiekintveld, Stefan Schauer, Bo An, Stefan Rass, Fei Fang
Publisher	Springer Verlag
Pages	397-417
Number of pages	21
ISBN (Print)	9783319687100
DOIs	https://doi.org/10.1007/978-3-319-68711-7_21
State	Published - 2017
Event	8th International Conference on Decision and Game Theory for Security, GameSec 2017 - Vienna, Austria Duration: Oct 23 2017 → Oct 25 2017

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10575 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	8th International Conference on Decision and Game Theory for Security, GameSec 2017
Country/Territory	Austria
City	Vienna
Period	10/23/17 → 10/25/17

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-319-68711-7_21

Cite this

Laszka, A., Farhang, S., & Grossklags, J. (2017). On the Economics of Ransomware. In C. Kiekintveld, S. Schauer, B. An, S. Rass, & F. Fang (Eds.), Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings (pp. 397-417). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10575 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-68711-7_21

Laszka, Aron ; Farhang, Sadegh ; Grossklags, Jens. / On the Economics of Ransomware. Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. editor / Christopher Kiekintveld ; Stefan Schauer ; Bo An ; Stefan Rass ; Fei Fang. Springer Verlag, 2017. pp. 397-417 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{de6c5db7e1cd476399bef4751519386c,

title = "On the Economics of Ransomware",

abstract = "While recognized as a theoretical and practical concept for over 20 years, only now ransomware has taken centerstage as one of the most prevalent cybercrimes. Various reports demonstrate the enormous burden placed on companies, which have to grapple with the ongoing attack waves. At the same time, our strategic understanding of the threat and the adversarial interaction between organizations and cybercriminals perpetrating ransomware attacks is lacking. In this paper, we develop, to the best of our knowledge, the first game-theoretic model of the ransomware ecosystem. Our model captures a multi-stage scenario involving organizations from different industry sectors facing a sophisticated ransomware attacker. We place particular emphasis on the decision of companies to invest in backup technologies as part of a contingency plan, and the economic incentives to pay a ransom if impacted by an attack. We further study to which degree comprehensive industry-wide backup investments can serve as a deterrent for ongoing attacks.",

author = "Aron Laszka and Sadegh Farhang and Jens Grossklags",

note = "Publisher Copyright: {\textcopyright} 2017, Springer International Publishing AG.; 8th International Conference on Decision and Game Theory for Security, GameSec 2017 ; Conference date: 23-10-2017 Through 25-10-2017",

year = "2017",

doi = "10.1007/978-3-319-68711-7_21",

language = "English (US)",

isbn = "9783319687100",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "397--417",

editor = "Christopher Kiekintveld and Stefan Schauer and Bo An and Stefan Rass and Fei Fang",

booktitle = "Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings",

address = "Germany",

}

Laszka, A, Farhang, S & Grossklags, J 2017, On the Economics of Ransomware. in C Kiekintveld, S Schauer, B An, S Rass & F Fang (eds), Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10575 LNCS, Springer Verlag, pp. 397-417, 8th International Conference on Decision and Game Theory for Security, GameSec 2017, Vienna, Austria, 10/23/17. https://doi.org/10.1007/978-3-319-68711-7_21

On the Economics of Ransomware. / Laszka, Aron; Farhang, Sadegh; Grossklags, Jens.
Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. ed. / Christopher Kiekintveld; Stefan Schauer; Bo An; Stefan Rass; Fei Fang. Springer Verlag, 2017. p. 397-417 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10575 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - On the Economics of Ransomware

AU - Laszka, Aron

AU - Farhang, Sadegh

AU - Grossklags, Jens

PY - 2017

Y1 - 2017

N2 - While recognized as a theoretical and practical concept for over 20 years, only now ransomware has taken centerstage as one of the most prevalent cybercrimes. Various reports demonstrate the enormous burden placed on companies, which have to grapple with the ongoing attack waves. At the same time, our strategic understanding of the threat and the adversarial interaction between organizations and cybercriminals perpetrating ransomware attacks is lacking. In this paper, we develop, to the best of our knowledge, the first game-theoretic model of the ransomware ecosystem. Our model captures a multi-stage scenario involving organizations from different industry sectors facing a sophisticated ransomware attacker. We place particular emphasis on the decision of companies to invest in backup technologies as part of a contingency plan, and the economic incentives to pay a ransom if impacted by an attack. We further study to which degree comprehensive industry-wide backup investments can serve as a deterrent for ongoing attacks.

AB - While recognized as a theoretical and practical concept for over 20 years, only now ransomware has taken centerstage as one of the most prevalent cybercrimes. Various reports demonstrate the enormous burden placed on companies, which have to grapple with the ongoing attack waves. At the same time, our strategic understanding of the threat and the adversarial interaction between organizations and cybercriminals perpetrating ransomware attacks is lacking. In this paper, we develop, to the best of our knowledge, the first game-theoretic model of the ransomware ecosystem. Our model captures a multi-stage scenario involving organizations from different industry sectors facing a sophisticated ransomware attacker. We place particular emphasis on the decision of companies to invest in backup technologies as part of a contingency plan, and the economic incentives to pay a ransom if impacted by an attack. We further study to which degree comprehensive industry-wide backup investments can serve as a deterrent for ongoing attacks.

UR - http://www.scopus.com/inward/record.url?scp=85032875707&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85032875707&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-68711-7_21

DO - 10.1007/978-3-319-68711-7_21

M3 - Conference contribution

AN - SCOPUS:85032875707

SN - 9783319687100

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 397

EP - 417

BT - Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings

A2 - Kiekintveld, Christopher

A2 - Schauer, Stefan

A2 - An, Bo

A2 - Rass, Stefan

A2 - Fang, Fei

PB - Springer Verlag

T2 - 8th International Conference on Decision and Game Theory for Security, GameSec 2017

Y2 - 23 October 2017 through 25 October 2017

ER -

Laszka A, Farhang S, Grossklags J. On the Economics of Ransomware. In Kiekintveld C, Schauer S, An B, Rass S, Fang F, editors, Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. Springer Verlag. 2017. p. 397-417. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-68711-7_21

On the Economics of Ransomware

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this