Search engine for discovering works of Art, research articles, and books related to Art and Culture
Javascript must be enabled to continue!
Double-sided Information Asymmetry in Double Extortion Ransomware
View through CrossRef
Abstract
Double extortion ransomware attacks are a form of cyber attack where the victims files are both encrypted and exfiltrated for extortion purposes. There is empirical evidence that double extortion leads to an increased willingness to pay a ransom, and higher ransoms, compared to encryption-only attacks. In this paper we model two important sources of assymetric information between victim and attacker: (a) Victims are typically uncertain whether data is exfiltrated, due to for example misconfigured monitoring systems. (b) It is hard for attackers to estimate the value of compromised files. We use game theory to analyse the payoff consequences of such private information. Specifically, we analyse a signaling game with double-sided information asymmetry: (1) attackers know whether data is exfiltrated and victims do not, and (2) victims know the value of data if it is exfiltrated, but the attackers do not. Our analysis indicates that private information substantially lowers the payoff of attackers. In interpretation, this suggests that private information is valuable to victims and a means to reduce incentives for criminals to pursue ransomware.
Title: Double-sided Information Asymmetry in Double Extortion Ransomware
Description:
Abstract
Double extortion ransomware attacks are a form of cyber attack where the victims files are both encrypted and exfiltrated for extortion purposes.
There is empirical evidence that double extortion leads to an increased willingness to pay a ransom, and higher ransoms, compared to encryption-only attacks.
In this paper we model two important sources of assymetric information between victim and attacker: (a) Victims are typically uncertain whether data is exfiltrated, due to for example misconfigured monitoring systems.
(b) It is hard for attackers to estimate the value of compromised files.
We use game theory to analyse the payoff consequences of such private information.
Specifically, we analyse a signaling game with double-sided information asymmetry: (1) attackers know whether data is exfiltrated and victims do not, and (2) victims know the value of data if it is exfiltrated, but the attackers do not.
Our analysis indicates that private information substantially lowers the payoff of attackers.
In interpretation, this suggests that private information is valuable to victims and a means to reduce incentives for criminals to pursue ransomware.
Related Results
Early Detection of Windows Cryptographic Ransomware Based on Pre-Attack API Calls Features and Machine Learning
Early Detection of Windows Cryptographic Ransomware Based on Pre-Attack API Calls Features and Machine Learning
Ransomware attacks are currently one of cybersecurity's greatest and most alluring threats. Antivirus software is frequently ineffective against zero-day malware and ransomware att...
Cultural Transmission and Extortion
Cultural Transmission and Extortion
This paper explores the role of cultural transmission in extortion. Extortion is modeled as an asymmetric contest where individuals from one group attempt to take from individuals ...
ARMED EXTORTION IN LIGHT OF THE PRINCIPLE OF CRIMINAL LEGALITY
ARMED EXTORTION IN LIGHT OF THE PRINCIPLE OF CRIMINAL LEGALITY
Furthermore, the DRC's military courts and tribunals fail to respect the principle of legality of offenses and penalties, in that they conflate the offense of armed robbery with th...
Effects of Ransomware: Analysis, Challenges and Future Perspective
Effects of Ransomware: Analysis, Challenges and Future Perspective
This review paper highlights the challenges and best practices in malware analysis, specifically focusing on the age of ransomware. It provides an overview of malware and its impac...
Quantification of three-dimensional facial asymmetry for diagnosis and postoperative evaluation of orthognathic surgery
Quantification of three-dimensional facial asymmetry for diagnosis and postoperative evaluation of orthognathic surgery
Abstract
Background
To evaluate the facial asymmetry, three-dimensional computed tomography (3D-CT) has been used widely. This study proposed a method to quantify facial asymmetry ...
Ransomware Detection and Defense
Ransomware Detection and Defense
Like other criminals in world, cyber-criminals are using different illegal and unethical ways to gain their mischievous purposes. Malware known as Ransomware is a new threat to wor...
AI-enhanced Defense Against Ransomware Within the Organization’s Architecture
AI-enhanced Defense Against Ransomware Within the Organization’s Architecture
Ransomware is a type of revenue-generating tactic that cybercriminals utilize to improve their income. Businesses have spent billions of dollars recovering control of their resourc...
Making It Magical
Making It Magical
In the late 2010s, I owned and operated a bespoke drum-building company, and during that time, I was commissioned to build a frame drum by the partner of a musician who was also a ...