Search engine for discovering works of Art, research articles, and books related to Art and Culture
Javascript must be enabled to continue!
Double-sided Information Asymmetry in Double Extortion Ransomware
View through CrossRef
Abstract
Double extortion ransomware attacks are a form of cyber attack where the victims files are both encrypted and exfiltrated for extortion purposes. There is empirical evidence that double extortion leads to an increased willingness to pay a ransom, and higher ransoms, compared to encryption-only attacks. In this paper we model two important sources of assymetric information between victim and attacker: (a) Victims are typically uncertain whether data is exfiltrated, due to for example misconfigured monitoring systems. (b) It is hard for attackers to estimate the value of compromised files. We use game theory to analyse the payoff consequences of such private information. Specifically, we analyse a signaling game with double-sided information asymmetry: (1) attackers know whether data is exfiltrated and victims do not, and (2) victims know the value of data if it is exfiltrated, but the attackers do not. Our analysis indicates that private information substantially lowers the payoff of attackers. In interpretation, this suggests that private information is valuable to victims and a means to reduce incentives for criminals to pursue ransomware.
Title: Double-sided Information Asymmetry in Double Extortion Ransomware
Description:
Abstract
Double extortion ransomware attacks are a form of cyber attack where the victims files are both encrypted and exfiltrated for extortion purposes.
There is empirical evidence that double extortion leads to an increased willingness to pay a ransom, and higher ransoms, compared to encryption-only attacks.
In this paper we model two important sources of assymetric information between victim and attacker: (a) Victims are typically uncertain whether data is exfiltrated, due to for example misconfigured monitoring systems.
(b) It is hard for attackers to estimate the value of compromised files.
We use game theory to analyse the payoff consequences of such private information.
Specifically, we analyse a signaling game with double-sided information asymmetry: (1) attackers know whether data is exfiltrated and victims do not, and (2) victims know the value of data if it is exfiltrated, but the attackers do not.
Our analysis indicates that private information substantially lowers the payoff of attackers.
In interpretation, this suggests that private information is valuable to victims and a means to reduce incentives for criminals to pursue ransomware.
Related Results
Early Detection of Windows Cryptographic Ransomware Based on Pre-Attack API Calls Features and Machine Learning
Early Detection of Windows Cryptographic Ransomware Based on Pre-Attack API Calls Features and Machine Learning
Ransomware attacks are currently one of cybersecurity's greatest and most alluring threats. Antivirus software is frequently ineffective against zero-day malware and ransomware att...
Cultural Transmission and Extortion
Cultural Transmission and Extortion
This paper explores the role of cultural transmission in extortion. Extortion is modeled as an asymmetric contest where individuals from one group attempt to take from individuals ...
ARMED EXTORTION IN LIGHT OF THE PRINCIPLE OF CRIMINAL LEGALITY
ARMED EXTORTION IN LIGHT OF THE PRINCIPLE OF CRIMINAL LEGALITY
Furthermore, the DRC's military courts and tribunals fail to respect the principle of legality of offenses and penalties, in that they conflate the offense of armed robbery with th...
Effects of Ransomware: Analysis, Challenges and Future Perspective
Effects of Ransomware: Analysis, Challenges and Future Perspective
This review paper highlights the challenges and best practices in malware analysis, specifically focusing on the age of ransomware. It provides an overview of malware and its impac...
Optimizing Blockchain-Based Cybersecurity Systems to Strengthen Resilience Against Ransomware Attacks : A Systematic Literature Review
Optimizing Blockchain-Based Cybersecurity Systems to Strengthen Resilience Against Ransomware Attacks : A Systematic Literature Review
This study aims to address the challenges and propose solutions for the Optimization of Blockchain-Based Cybersecurity Systems to Enhance Resilience Against Ransomware Attacks usin...
A Proposed Methodology to Mitigate the Ransomware Attack
A Proposed Methodology to Mitigate the Ransomware Attack
Now a day’s network security becomes more important to organizations, government offices. With the fast advancement of the innovation, assaults throughout the years have turned out...
Tumor sideness and mutational status: The potential effects on mCRC pts survival and treatment outcomes.
Tumor sideness and mutational status: The potential effects on mCRC pts survival and treatment outcomes.
682 Background: The treatment of mCRC has been changed with identification of different clinical behaviour of right and left sided tumors. Right-sided primary was associated with ...
An economic analysis of ransomware and its welfare consequences
An economic analysis of ransomware and its welfare consequences
We present in this work an economic analysis of ransomware, a relatively new form of cyber-enabled extortion. We look at how the illegal gains of the criminals will depend on the s...