Ransomware and Reputation

Cartwright, Anna; Cartwright, Edward

doi:10.3390/g10020026

Cited by 21 publications

(18 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Study of role of reputation suggests that it is optimal for the criminal to build a good reputation and always return the files [10]. How victims form beliefs influences the victims' intention to pay the ransom.…”

Section: Related Workmentioning

confidence: 99%

Game Theory of Data-selling Ransomware

Liao

2021

JCSANDM

View full text Add to dashboard Cite

We are experiencing the worst years of ransomware attacks with continuing news reports on high-profile ransomware attacks on organizations such as hospitals, schools, government agencies and private businesses. Recently a few ransomware attackers have gone beyond simply encrypting files and waiting for ransom. They threaten to release the data if the victims refuse their ransom request. In this paper, we propose a hypothetical new revenue model for the ransomware, i.e., selling the stolen data rather than publishing the data for free. Through a game-theoretical analysis between attackers and victims, we contribute a novel model to understand the critical decision variables for the proposed data-selling ransomware (which we refer as "ransomware 2.0") that sells data as well as demands ransom. We compare the role of reputation and the profitability of the data-selling ransomware with traditional ransomware ("ransomware 1.0") that demands ransom only and the data-threat ransomware ("ransomware 1.5") that demands ransom with the threat of releasing data for no compliance. Both theoretical modeling and simulation studies suggest that in general both ransomware 2.0 and 1.5 are more profitable than ransomware 1.0, while ransomware 2.0 is always more profitable than ransomware 1.5. Notably, common defensive measures that may work to eliminate the financial incentives of ransomware 1.0 may not work on ransomware 2.0, in particular the data backup practice and the never-pay-ransom strategy. Our findings also suggest that the uncertainties created by this new revenue model may affect attackers' reputation and users' willingness-to-pay, therefore, ransomware 2.0 may not always increase the profitability of attackers. Another finding of the study suggests that reputation maximization is critical in ransomware 1.0 and 1.5, but not in ransomware 2.0, where attackers could manipulate reputation for profit maximization.

show abstract

Section: Related Workmentioning

confidence: 99%

Game Theory of Data-selling Ransomware

Liao

2021

JCSANDM

View full text Add to dashboard Cite

show abstract

“…The higher the probability of the files being recovered, the larger will be the WTP, and the larger the ransom the criminals can set [40]. In order to maximize profit, the criminals should, therefore, always return files to people who pay the ransom, unless the cost of returning the files is very large [41].…”

Section: Discussionmentioning

confidence: 99%

An economic analysis of ransomware and its welfare consequences

Hernández-Castro

Cartwright

2020

R. Soc. open sci.

Self Cite

View full text Add to dashboard Cite

We present in this work an economic analysis of ransomware, a relatively new form of cyber-enabled extortion. We look at how the illegal gains of the criminals will depend on the strategies they use, examining uniform pricing and price discrimination. We also explore the welfare costs to society of such strategies. In addition, we present the results of a pilot survey which demonstrate proof of concept in evaluating the costs of ransomware attacks. We discuss at each stage whether the different strategies we analyse have been encountered already in existing malware, and the likelihood of them being implemented in the future. We hope this work will provide some useful insights for predicting how ransomware may evolve in the future.

show abstract

“…A variety of malware types exists such as Viruses, Trojan Horses, Worms, Ransomware and Spyware. One of the most recent trends, Ransomware, a type of Malware has over the last five years gained prominence [21]. Ransomware is where a victim of an attack is blackmailed.…”

Section: Malwarementioning

confidence: 99%

Centralised IT Structure and Cyber Risk Management

Abbasi

Petford

Hosseinian-Far

2021

Cybersecurity, Privacy and Freedom Protection in the Connected World

View full text Add to dashboard Cite

Against the backdrop of organisational needs to derive value from IT Organisations through agility, efficiencies and cost effectiveness, many organisations have adopted a decentralised IT organisational structure, enabling individual business units the autonomy to implement, operate and govern technology. The increase risk that poses organisations through cyber-attacks, raises the question of how IT security could effectively provide the level of organisations governance to counter cyber threats in a decentralised organisational model. In exploring the challenges in the decentralization of IT security, we highlighted that the accountability of such activities would become diluted, with each business unit managing security in their own methods and practices or lack of, while unable to take full accountability due to the complex independencies of modern system architectures, often resulting in a lack of ownership, accountability and reporting of security at an organisational group level. This ultimately increases the overall security risk to the organization. We further highlighted that while centralization of IT security at a group level would be more effective, a hybrid model of IT security at two-levels with strategy and policy at the central governance level and a degree of autonomy and decision at the IT Operational level could also be considered.

show abstract

Ransomware and Reputation

Cited by 21 publications

References 24 publications

Game Theory of Data-selling Ransomware

Game Theory of Data-selling Ransomware

An economic analysis of ransomware and its welfare consequences

Centralised IT Structure and Cyber Risk Management

Contact Info

Product

Resources

About