Home / Technology / Ransomware Negotiators: The New Cyber Dealmakers
Ransomware Negotiators: The New Cyber Dealmakers
5 Apr
Summary
- Specialist negotiators are emerging in cybersecurity to handle ransomware demands.
- Negotiators buy time, gather intelligence, and facilitate deals with hackers.
- Paying ransoms does not guarantee hackers will uphold their agreements.
The global rise in ransomware attacks has spurred the growth of specialist negotiators in cybersecurity. These experts are essential for businesses facing high-stakes talks with criminal organizations, aiding in strategy development by acquiring vital information.
Negotiators employ tactics like posing as IT workers and slowing communication tempo to manage discussions. Their objective is to buy time, inform executive decisions, and gather intelligence on the attackers, without necessarily committing to payment.
Discussions often occur on dark web portals or encrypted platforms and can last weeks. Criminals typically demand 1-2% of a company's revenue, a figure that negotiators aim to reduce while also attempting to track attackers.
Many negotiators come from law enforcement or financial backgrounds, adapting their skills to cyber extortion. Despite the professional approach, hackers can exhibit immature behavior, complicating the talks.
Legal advice is critical to ensure payments do not breach international sanctions. If payment is decided upon, negotiators may facilitate it directly or engage payment specialists, usually in cryptocurrency like Bitcoin.
Experts caution that paying does not guarantee hackers will keep their word. This concern, coupled with increased data backups and the growing use of negotiators, has led to a decrease in companies paying ransoms.
