Should I Pay or Should I Go? Game Theory and Ransomware presented at BSidesSanFrancisco 2017

by Tony Martin-vegue,

Summary : Ransomware infections are nasty and potentially devastating events that can cripple large companies and home computers alike. Ransomware comes in many varieties and works in different ways, but the basic scenario is the same: cybercriminals infect your computer with malicious software that blocks access to your system or important files until you pay the ransom. You have a finite amount of days to pay if you ever want to see your files again.
Should you pay? The answer is a little more nuanced than “never pay” or “always pay.” The decision is a complex scenario of incentives and payoffs that can be analyzed with game theory. Game theory is a branch of mathematics that models conflict and cooperation between parties and is used in many real-world scenarios, inside and outside the Information Security field, including machine learning, poker games, allocation of security resources, kidnappings and nuclear war.
This talk will use the familiar topic of ransomware to introduce participants to game theory concepts like rational decision-making, zero-sum games, incentives, utility and Nash Equilibrium – all important tools that can help solve security problems. By analyzing ransomware decision-making with a game theory mindset, participants will learn a new set of skills and a new way of incentive-driven thinking. Participants may be surprised to find that ransomware response isn’t black or white.