Using Game Theory to Study the Evolution of Ransomware - Checkmate

Explore the evolution of ransomware through the lens of game theory in this 30-minute conference talk from NorthSec. Delve into the challenges faced by defenders in an ever-changing threat landscape and examine how attackers exploit technological advancements for criminal gain. Learn how zero-sum game theory can be applied to analyze the behaviors of conflicting parties in ransomware scenarios. Discover why traditional one-on-one game theory models fall short in representing the reality of multiple simultaneous attacks faced by defenders. Investigate potential strategies to balance the odds, focusing on reducing the asymmetric information gap between attackers and defenders. Gain insights from a comprehensive study of over 80 ransomware strains spanning five years (2017-2022), uncovering recurring techniques, tactics, and stable behaviors. Examine the evolution of Tactics, Techniques, and Procedures (TTPs) over time and consider the implications of these findings for cybersecurity professionals and organizations.

NSEC2023 - Checkmate: using game theory to study the evolution of ransomware