The Dos and Don’ts of Ransomware Negotiation | IPSYSTEMS, Inc.

The Dos and Don’ts of Ransomware Negotiation

Criminal gangs and abductors have often demanded ransom before releasing hostages or giving up some other advantage. Today, such stories have taken a digital twist. Criminals, or “cybercriminals” as cybersecurity experts often call them, are doing their best to monetize access to corporate networks using ransomware with modern encryption technology.

How Cybercriminals Create the Perfect Angle for Extortion

Cybercriminals implementing ransomware attacks typically work in the following three-step fashion:

  1. targeting an organization,
  2. restricting access to all data, and
  3. demanding money (or something else of value) before releasing the data.

It is possible to lose hundreds of thousands of dollars to such criminals. While you should typically be able to restore data from backups and bypass their encryption, this will no longer be an option if they find and destroy your backups.

So, How Should You Pay Ransom?

The average cyber attacker is unethical and unpredictable. Here are things you should do when negotiating ransom payments:

  1. Ask for “proof of life”
  2. Act like this is any other business negotiation
  3. Be who you say you are
  4. Promise what you can afford
  5. Play like a team and involve a professional

It’s important to know whether the attacker has the skills to decrypt your data once you pay. Many of the ransomware products available on darknet markets can destroy your data because of their poor design.

Ransomware negotiation is serious business. It helps to remain calm, reasonable and logical; this guarantees the best possible outcome for your company. One example is offering a low payment while promising to get the money as quickly as you can. Criminals often prefer smaller payments to larger ones that could land them in hot water.

This approach usually incenses attackers. They will pick up on that right off the bat, especially if they have explored your network for a good while before holding you hostage.

Lying about your financials can make negotiations more complicated and prolong your troubles.

Mutual trust is essential in ransomware negotiations. Wire money to the criminals as you've promised. They may publish your data or cease to respond if you don't.

As uncomfortable as it sounds, you want negotiations to be as successful as possible. Pronouns such as “we” make this clear to the criminals and warm them to you when messaging.

An experienced data hostage negotiator will help you navigate tricky touchpoints when dealing with someone who has unauthorized access to your data.

What You Must Avoid in Ransomware Negotiations

These are the top gems of advice companies should heed when negotiating a ransom with criminals over data:

  1. Do not offend the attacker by being unprofessional and disrespectful.
  2. Never tell them you have cyber insurance that covers cyber extortion.
  3. A ransomware attack is unlike traditional hostage-taking or kidnapping. Do not treat the two alike.

Cybersecurity is a vast undertaking. An offensive strategy puts you ahead in the game. Therefore, getting a data security partner to ensure that your endpoints are secure is a wise investment. You can also sign up with a cybersecurity solutions provider to help with ransomware prevention.

Cybercriminals today use incredibly sophisticated and convincing methods to fool those who are unaware of their schemes and to attack vulnerable systems. But by staying educated and up to date on the latest cyber attack trends, you can keep your employees and business safe.
