Abstract
Ransomware is a particular form of cyber-attack in which a victim loses access to either his electronic device or files unless he pays a ransom to criminals. A criminal’s ability to make money from ransomware critically depends on victims believing that the criminal will honour ransom payments. In this paper we explore the extent to which a criminal can build trust through reputation. We demonstrate that there are situations in which it is optimal for the criminal to always return the files and situations in which it is not. We argue that the ability to build reputation will depend on how victims distinguish between different ransomware strands. If ransomware is to survive as a long term revenue source for criminals then they need to find ways of building a good reputation.
| Original language | English |
|---|---|
| Article number | 26 |
| Number of pages | 15 |
| Journal | Games |
| Volume | 10 |
| Issue number | 2 |
| DOIs | |
| Publication status | Published - 10 Jun 2019 |
| Event | 10th Conference on Decision and Game Theory for Security - Stockholm, Sweden Duration: 30 Oct 2019 → 1 Nov 2019 https://www.gamesec-conf.org/ |
Bibliographical note
This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution(CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Keywords
- Ransomware
- Repeated game
- Reputation
- Trust
ASJC Scopus subject areas
- Statistics and Probability
- Statistics, Probability and Uncertainty
- Applied Mathematics
