Taming the Ransomware Threats: Leveraging Prospect Theory for Rational Payment Decisions
Pranjal Sharma

TL;DR
This paper introduces a novel decision support algorithm based on Prospect Theory to help organizations make rational choices during ransomware attacks, considering attacker tactics, time urgency, and application criticality.
Contribution
It develops the RADS algorithm that models attacker manipulation and organizational decision-making using Prospect Theory, improving response strategies against ransomware threats.
Findings
RADS effectively models attacker influence and decision biases.
The algorithm aids organizations in making optimal ransom payment decisions.
Incorporating Prospect Theory enhances decision accuracy under time pressure.
Abstract
The frequency of ransomware attacks on organizations is surging day by day. High-profile incidents involving major entities such as Las Vegas giants MGM Resorts and Caesars Entertainment, and Boeing, underscore the profound impact of these attacks, which pose substantial barriers to business. When a sudden cyberattack occurs, organizations often find themselves at a loss, facing a looming countdown to pay the ransom, which leads to a cascade of impromptu and unfavourable decisions. This paper adopts a novel approach, leveraging Prospect Theory, to elucidate the tactics employed by cyber attackers to entice organizations into paying the ransom. Furthermore, it introduces an algorithm based on Prospect Theory and an Attack Recovery Plan, enabling organizations to make informed decisions on whether to consent to the ransom demands or resist. This algorithm Ransomware Risk Analysis and Decision Support…
Taxonomy
Topics: Information and Cyber Security · Advanced Malware Detection Techniques · Blockchain Technology Applications and Security
