Dynamics of targeted ransomware negotiation

Pierce Ryan; John Fokker; Sorcha Healy; Andreas Amann

arXiv:2110.00362·math.DS·April 14, 2022

Dynamics of targeted ransomware negotiation

Pierce Ryan, John Fokker, Sorcha Healy, Andreas Amann

PDF

TL;DR

This paper models targeted ransomware negotiations as a game, highlighting how imperfect information influences optimal strategies for attackers and targets, aiding better response strategies.

Contribution

It introduces a game-theoretic model of ransomware negotiations incorporating investment and imperfect information, providing insights into strategic decision-making.

Findings

01

Imperfect information significantly affects negotiation strategies.

02

Optimal strategies depend on the level of information asymmetry.

03

The model explains observed real-world ransomware behaviors.

Abstract

In this paper, we consider how the development of targeted ransomware has affected the dynamics of ransomware negotiations to better understand how to respond to ransomware attacks. We construct a model of ransomware negotiations as an asymmetric non-cooperative two-player game. In particular, our model considers the investments that a malicious actor must make in order to conduct a successful targeted ransomware attack. We demonstrate how imperfect information is a crucial feature for replicating observed real-world behaviour. Furthermore, we present optimal strategies for both the malicious actor and the target, and demonstrate how imperfect information results in a non-trivial optimal strategy for the malicious actor.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.