Close this search box.

The ‘First Rule’ of Ransomware Negotiations

The author

In some countries, kidnappings are so common that an entire industry of negotiators and consultants emerged to facilitate the exchange of ransoms and the safe recovery of victims. Many aspects of cybercrime are similar to crimes committed offline, so it should surprise nobody that ransomware negotiators not only exist, but have existed for long enough that significant experience has built up within the industry, The Register reports.

As the crypto market enters another “crypto winter,” the move away from simple financial ransoms is accelerating. Ransomware gangs are regularly leaning on threats to publish data publicly, rather than simply encrypt it. 

As the stakes rise, a ransomware negotiator is often your best bet to avoid the release of your data, but the entire endeavor should be approached the same way as a discussion about Fight Club: “The first rule of being a ransomware negotiator is that you don’t admit you’re a ransomware negotiator—at least not to LockBit or another cybercrime gang.”

A negotiator doesn’t have the same emotional investment in the result as their client, and isn’t as likely to make emotional mistakes. This allows them to get the best results for their clients, which is exactly why ransomware gangs don’t like them: “…most ransomware groups specifically and explicitly say: ‘We don’t want to work with a negotiator. If you do bring a negotiator to the table, we’re just going to post your stuff anyway,'” Schmitt told The Register. Hence the need to masquerade as a regular employee.

Ransomware can happen to anyone, and as a result, everyone should have a plan of action if it does. While you’re reviewing that plan, give some thought to whether or not it’s worth having a list of ransomware negotiators handy. Just in case.

Sign Up For Our Newsletter

Don’t worry, we hate spam too!

Get The Latest On Ransomware Right In Your Inbox

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

Is This Your Business?
Get In Touch

Contact Us To Sponsor Your Business Listing & Learn More About The Benfits.

Before You Go!
Sign up to stay up to date with everything ransomware

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

JUST RELEASED: The 2024 State of Ransomware Survey is in.


Share via
Copy link
Powered by Social Snap