# Ransomware and Reputation

^{1}

^{2}

^{*}

## Abstract

**:**

## 1. Introduction

## 2. Model

## 3. Results

**Proposition**

**1.**

**Proof.**

**Proposition**

**2.**

**Proof.**

#### 3.1. Sampling Recent Victims

**Proposition**

**3.**

**Proof.**

**Proposition**

**4.**

**Proof.**

#### 3.2. Simulation Results on Sample Size

## 4. Conclusions

## Author Contributions

## Funding

## Acknowledgments

## Conflicts of Interest

## Appendix A

## References

- Hull, G.; John, H.; Arief, B. Ransomware Deployment Methods and Analysis: Views from a Predictive Model and Human Responses. Crime Sci.
**2019**, 8, 2. [Google Scholar] [CrossRef] - Kharraz, A.; Robertson, W.; Balzarotti, D.; Bilge, L.; Kirda, E. Cutting the gordian knot: A look under the hood of ransomware attacks. In Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Milan, Italy, 9–10 July 2015; Springer: Cham, Switzerland, 2015; pp. 3–24. [Google Scholar]
- Mansfield-Devine, S. Ransomware: Taking businesses hostage. Netw. Secur.
**2016**, 2016, 8–17. [Google Scholar] [CrossRef] - Richardson, R.; North, M. Ransomware: Evolution, mitigation and prevention. Int. Manag. Rev.
**2017**, 13, 10–21. [Google Scholar] - F-Secure. F-Secure State of Cyber-Security Report 2017. 2017. Available online: https://www.f-secure.com/documents/996508/1030743/cyber-security-report-2017 (accessed on 14 May 2019).
- Aurangzeb, S.; Aleem, M.; Iqbal, M.A.; Islam, M.A. Ransomware: A Survey and Trends. J. Inf. Assur. Secur.
**2017**, 6, 48–58. [Google Scholar] - Hernandez-Castro, J.; Cartwright, E.; Stepanova, A. Economic Analysis of Ransomware. arXiv
**2017**, arXiv:1703.06660v1. [Google Scholar] [CrossRef][Green Version] - Trend-Micro. Ransomware: The Truth Behind the Headlines. 2016. Available online: https://www.trendmicro.co.uk/media/misc/ransomware-the-truth-behind-the-headlines.pdf (accessed on 14 May 2019).
- Huang, D.Y.; Aliapoulios, M.M.; Li, V.G.; Invernizzi, L.; Bursztein, E.; McRoberts, K.; Levin, J.; Levchenko, K.; Snoeren, A.C.; McCoy, D. Tracking ransomware end-to-end. In Proceedings of the 2018 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 20–24 May 2018; pp. 618–631. [Google Scholar]
- Paquet-Clouston, M.; Haslhofer, B.; Dupont, B. Ransomware Payments in the Bitcoin Ecosystem. arXiv
**2018**, arXiv:1804.04080. [Google Scholar] [CrossRef] - Cusack, B.; Ward, G. Points of Failure in the Ransomware Electronic Business Model. In Proceedings of the Twenty-Fourth Americas Conference on Information Systems, New Orleans, LA, USA, 16–18 August 2018. [Google Scholar]
- Rashid, F. 4 Reasons Not to Pay Up in a Ransomware Attack. InfoWorld. 2016. Available online: https://www.infoworld.com/article/3043197/4-reasons-not-to-pay-up-in-a-ransomware-attack.html (accessed on 14 May 2019).
- VioletBlue. Customer Service Matters When It Comes to Ransomware, Engadget. 2016. Available online: https://www.engadget.com/2016/09/09/customer-service-matters-when-it-comes-to-ransomware/ (accessed on 16 May 2019).
- CyberEdge. Fifth-Annual Cyberthreat Defense Report. 2018. Available online: https://cyber-edge.com/cdr/#about-this-report (accessed on 16 May 2019).
- Bursztein, E. Unmasking the Ransomware Kingpins. EliE. 2017. Available online: https://elie.net/blog/security/unmasking-the-ransomware-kingpins/ (accessed on 16 May 2019).
- Palmer, D. The Godfather of Ransomware Returns: Locky Is Back and Sneakier than Ever. ZD Net. 2017. Available online: https://www.zdnet.com/article/the-godfather-of-ransomware-returns-locky-is-back-and-sneakier-than-ever/ (accessed on 16 May 2019).
- Caulfield, T.; Ioannidis, C.; Pym, D. Dynamic Pricing for Ransomware. 2019. Available online: http://www0.cs.ucl.ac.uk/staff/D.Pym/ransomware-dynamic.pdf (accessed on 14 May 2019).
- Caporusso, N.; Chea, S.; Abukhaled, R. A Game-Theoretical Model of Ransomware. In Proceedings of the International Conference on Applied Human Factors and Ergonomics, Orlando, FL, USA, 27–31 July 2018; Springer: Cham, Switzerland, 2018; pp. 69–78. [Google Scholar]
- Laszka, A.; Farhang, S.; Grossklags, J. On the Economics of Ransomware. In Proceedings of the International Conference on Decision and Game Theory for Security, Vienna, Austria, 23–25 October 2017; Springer: Cham, Switzerland, 2017; pp. 397–417. [Google Scholar]
- Cartwright, A.; Cartwright, E.; Hernandez-Castro, H. To pay or not: Game theoretic models of ransomware. J. Cybersecur.
**2019**. forthcoming. [Google Scholar] - Brandt, P.T.; George, J.; Sandler, T. Why concessions should not be made to terrorist kidnappers. Eur. J. Political Econ.
**2016**, 44, 41–52. [Google Scholar] [CrossRef][Green Version] - Lapan, H.E.; Sandler, T. To bargain or not to bargain: That is the question. Am. Econ. Rev.
**1988**, 78, 16–21. [Google Scholar] - Selten, R. A simple game model of kidnapping. In Mathematical Economics and Game Theory; Springer: Berlin/Heidelberg, Germany, 1977; pp. 139–155. [Google Scholar]
- Zarifis, A.; Cheng, X. The Impact of Extended Global Ransomware Attacks on Trust: How the Attacker’s Competence and Institutional Trust Influence the Decision to Pay. In Proceedings of the Twenty-Fourth Americas Conference on Information Systems, New Orleans, LA, USA, 16–18 August 2018. [Google Scholar]
- Cripps, M.W.; Mailath, G.J.; Samuelson, L. Imperfect monitoring and impermanent reputations. Econometrica
**2004**, 72, 407–432. [Google Scholar] [CrossRef] - Fudenberg, D.; Levine, D.K. Maintaining a Reputation when Strategies are Imperfectly. Rev. Econ. Stud.
**1992**, 59, 561–579. [Google Scholar] [CrossRef] - Fudenberg, D.; Kreps, D.M.; Maskin, E.S. Repeated games with long-run and short-run players. Rev. Econ. Stud.
**1990**, 57, 555–573. [Google Scholar] [CrossRef] - Celetani, M.; Fudenberg, D.; Levine, D.K.; Pesendorfer, W. Maintaining a reputation against a long-lived opponent. Econometrica
**1996**, 64, 691–704. [Google Scholar] [CrossRef] - Kreps, D.M.; Milgrom, P.; Roberts, J.; Wilson, R. Rational cooperation in the finitely repeated prisoners’ dilemma. J. Econ. Theory
**1982**, 27, 245–252. [Google Scholar] [CrossRef] - Kreps, D.M.; Wilson, R. Reputation and imperfect information. J. Econ. Theory
**1982**, 27, 253–279. [Google Scholar] [CrossRef][Green Version] - Milgrom, P.; Roberts, J. Predation, reputation, and entry deterrence. J. Econ. Theory
**1982**, 27, 280–312. [Google Scholar] [CrossRef][Green Version] - Weinstein, J.; Yildiz, M. Reputation without commitment in finitely repeated games. Theor. Econ.
**2016**, 11, 157–185. [Google Scholar] [CrossRef][Green Version] - Fudenberg, D.; Levine, D.K. The Theory of Learning in Games; MIT Press: Cambridge, MA, USA, 1998. [Google Scholar]
- Young, H.P. Individual Strategy and Social Structure: An Evolutionary Theory of Institutions; Princeton University Press: Princeton, NJ, USA, 2001. [Google Scholar]
- Selten, R. Evolution, learning, and economic behavior. Games Econ. Behav.
**1991**, 3, 3–24. [Google Scholar] [CrossRef] - Young, H.P. The evolution of conventions. Econometrica
**1993**, 61, 57–84. [Google Scholar] [CrossRef] - D’Acremont, M.; Schultz, W.; Bossaerts, P. The human brain encodes event frequencies while forming subjective beliefs. J. Neurosci.
**2013**, 33, 10887–10897. [Google Scholar] [CrossRef] - Feltovich, N. Reinforcement-based vs. Belief-based Learning Models in Experimental Asymmetric-information Games. Econometrica
**2000**, 68, 605–641. [Google Scholar] [CrossRef]

1. | Although it is not clear whether this is some criminals returning the files $100\%$ of the time and some $0\%$ of the time, or it is mixing by a particular criminal. |

2. | We restrict $q\left(v\right)$ to lie in the interval $[0,1]$ as appropriate. |

3. | The victim observes ${r}_{t}$ before making her decision and so beliefs may also be conditioned on this. In our results this will not be an issue because the ransom is constant over time. So in the text we use ${h}_{t}$ as shorthand for ${h}_{t}$ and ${r}_{t}$. |

4. | |

5. | To formally capture this one would need a game with multiple criminals in which beliefs are shaped by the collective behavior of independent criminals. |

6. | Grim-trigger beliefs are consistent with reputational models where a failure to return the files serves as a signal the criminal is not a commitment type [25]. |

7. | In comparing our model to other models of belief-based learning we make the following remarks. Young (1993) allows that the individual does not necessarily sample the last n events. This adds a further stochastic element. Other models allow the past to gradually be forgotten and so recent events are given higher weight [38]. |

8. | Parameters $a=b=1$ can be set without loss of generality. |

9. | For a precise definition of $\delta $ high see Equation (6). |

**Figure 1.**Criminal’s profit as a function of w for four different values of n when $c=0.01$ and $\delta =1$.

**Figure 2.**Criminal’s profit as a function of w for four different values of n when $c=0.1$ and $\delta =0.9$.

**Figure 4.**Criminal’s profit over time for three different values of w when $c=0.1$ and ${\beta}_{1}=0.5$.

© 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Cartwright, A.; Cartwright, E. Ransomware and Reputation. *Games* **2019**, *10*, 26.
https://doi.org/10.3390/g10020026

**AMA Style**

Cartwright A, Cartwright E. Ransomware and Reputation. *Games*. 2019; 10(2):26.
https://doi.org/10.3390/g10020026

**Chicago/Turabian Style**

Cartwright, Anna, and Edward Cartwright. 2019. "Ransomware and Reputation" *Games* 10, no. 2: 26.
https://doi.org/10.3390/g10020026