To pay or not: game theoretic models of ransomware

Edward Cartwright, Julio Hernandez-Castro, Anna Cartwright

Research output: Contribution to journalArticlepeer-review

38 Citations (Scopus)
231 Downloads (Pure)


Ransomware is a type of malware that encrypts files and demands a ransom from victims. It can be viewed as a form of kidnapping in which the criminal takes control of the victim’s files with the objective of financial gain. In this article, we review and develop the game theoretic literature on kidnapping in order to gain insight on ransomware. The prior literature on kidnapping has largely focused on political or terrorist hostage taking. We demonstrate, however, that key models within the literature can be adapted to give critical new insight on ransomware. We primarily focus on two models. The first gives insight on the optimal ransom that criminals should charge. The second gives insight on the role of deterrence through preventative measures. A key insight from both models will be the importance of spillover effects across victims. We will argue that such spillovers point to the need for some level of outside intervention, by governments or otherwise, to tackle ransomware.
Original languageEnglish
Article numbertyz009
Number of pages12
JournalJournal of Cybersecurity
Issue number1
Early online date26 Aug 2019
Publication statusPublished - 2019

Bibliographical note

This is an Open Access article distributed under the terms of the Creative
Commons Attribution License (,
which permits unrestricted reuse, distribution, and reproduction in any medium,
provided the original work is properly cited.


  • ransomware
  • game theory
  • kidnapping
  • hostage
  • deterence


Dive into the research topics of 'To pay or not: game theoretic models of ransomware'. Together they form a unique fingerprint.

Cite this