Cyber attacks are an increasing threat to victims ranging from individuals to businesses and nation-states. Underpinning these attacks is an ecosystem of adversaries that compete with each other in profitable nefarious activities such as advertising illegal pharmacies, manipulating
business and product reviews, or engaging in illegal financial activities. Preventing these attacks in general is intractable as it involves solving problems such as creating perfectly secure software, authenticating product reviews, and verifying the intentions of financial market participants. In
this work we approach these problems through the lens of economic rationality and postulate that understanding the economics of the attacker unlocks empirically effective solutions that make attacks unattractive or impractical rather than impossible.