Today, ransomware is treated mostly as a criminal problem, but it may also soon be a geopolitical issue. I use game theory to study ransomware, and I’ve also examined how adversaries like North Korea use cyber tools for strategic goals. My research suggests it’s only a matter of time before encryption is used for geopolitical gains. The incentives built into ransomware attacks — for both the attacker and the victim — will make it easier for smaller, poorer players to extract concessions from more powerful adversaries. But the good news is that two can play at that game: In the future, encryption might also become a way for countries to proportionally respond to cyberattacks without causing all-out war in cyberspace.
Throughout history, state and nonstate actors have sought to hold an enemy’s valued assets at risk to bargain for political gains. Land invasions that captured capital cities have been used to compel governments to surrender, threats to close critical maritime chokepoints have been used as bargaining chips, and hostages have been taken to negotiate political or monetary concessions. In other cases, adversaries have kidnapped each other’s princes or held one another’s cities at risk with nuclear weapons, creating mutual hostage relationships to ensure neither side upsets the status quo.
Ransomware — or the underlying encryption algorithm that locks up data — is just another chess piece in this game. But the game theory that drives the attacker and the victim in a ransomware attack may sometimes make this a more attractive way of coercing the enemy than bombings, blockades or nuclear threats.
Advertisement
Join the conversation as a VIP Member