Should I Pay or Should I Go? Game Theory and Ransomware

Presented at BSidesSF 2017, Feb. 12, 2017, 4:50 p.m. (30 minutes).

Ransomware infections are nasty and potentially devastating events that can cripple large companies and home computers alike. Ransomware comes in many varieties and works in different ways, but the basic scenario is the same: cybercriminals infect your computer with malicious software that blocks access to your system or important files until you pay the ransom. You have a finite amount of days to pay if you ever want to see your files again. Should you pay? The answer is a little more nuanced than "never pay" or "always pay." The decision is a complex scenario of incentives and payoffs that can be analyzed with game theory. Game theory is a branch of mathematics that models conflict and cooperation between parties and is used in many real-world scenarios, inside and outside the Information Security field, including machine learning, poker games, allocation of security resources, kidnappings and nuclear war. This talk will use the familiar topic of ransomware to introduce participants to game theory concepts like rational decision-making, zero-sum games, incentives, utility and Nash Equilibrium - all important tools that can help solve security problems. By analyzing ransomware decision-making with a game theory mindset, participants will learn a new set of skills and a new way of incentive-driven thinking.  Participants may be surprised to find that ransomware response isn't black or white.

Presenters:

  • Tony Martin-Vegue
    Tony Martin-Vegue works for Bay Area financial institution leading their security risk management program. His enterprise risk and security analyses are informed by his 20 years of technical expertise in areas such as network operations, cryptography and system administration. Tony holds a Bachelor of Science in Business Economics from the University of San Francisco and holds many certifications including CISSP, CISM and CEH.

Links:

Similar Presentations: