Ransomware and reputation

Anna Cartwright, Edward Cartwright

Research output: Contribution to journalArticle

3 Citations (Scopus)
3 Downloads (Pure)

Abstract

Ransomware is a particular form of cyber-attack in which a victim loses access to either his electronic device or files unless he pays a ransom to criminals. A criminal’s ability to make money from ransomware critically depends on victims believing that the criminal will honour ransom payments. In this paper we explore the extent to which a criminal can build trust through reputation. We demonstrate that there are situations in which it is optimal for the criminal to always return the files and situations in which it is not. We argue that the ability to build reputation will depend on how victims distinguish between different ransomware strands. If ransomware is to survive as a long term revenue source for criminals then they need to find ways of building a good reputation.

Original languageEnglish
Article number26
Number of pages15
JournalGames
Volume10
Issue number2
DOIs
Publication statusPublished - 10 Jun 2019
Event 10th Conference on Decision and Game Theory for Security - Stockholm, Sweden
Duration: 30 Oct 20191 Nov 2019
https://www.gamesec-conf.org/

Bibliographical note

This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution
(CC BY) license (http://creativecommons.org/licenses/by/4.0/).

Keywords

  • Ransomware
  • Repeated game
  • Reputation
  • Trust

ASJC Scopus subject areas

  • Statistics and Probability
  • Statistics, Probability and Uncertainty
  • Applied Mathematics

Fingerprint Dive into the research topics of 'Ransomware and reputation'. Together they form a unique fingerprint.

  • Cite this