To pay or not: game theoretic models of ransomware

Ransomware is a type of malware that encrypts files and demands a ransom from victims. It can be viewed as a form of kidnapping in which the criminal takes control of the victim's files with the objective of financial gain. In this article, we review and develop the game theoretic literature on kidnapping in order to gain insight on ransomware. The prior literature on kidnapping has largely focused on political or terrorist hostage taking. We demonstrate, however, that key models within the literature can be adapted to give critical new insight on ransomware. We primarily focus on two models. The first gives insight on the optimal ransom that criminals should charge. The second gives insight on the role of deterrence through preventative measures. A key insight from both models will be the importance of spillover effects across victims. We will argue that such spillovers point to the need for some level of outside intervention, by governments or otherwise, to tackle ransomware.