Negotiation with Ransomware Hackers
With our Ransomware Negotiation Services, our team of experts communicate with threat actors on your behalf and provide you with a rapid, risk-informed negotiation strategy to ensure the best possible outcome for your organization
Cyber Crime and Negotiator Response
The demand for Negotiators to respond to hostage-taking and extortion has always existed but has risen dramatically over the last decade or so. The rise in extortion, and in particular cyber-extortion, is fuelled by the reliance on digital means for conducting business and maintaining an online presence. How a business responds to a cyber-attack will depend upon the nature and intention of the attack. Using a Hostage Negotiator has many benefits. Meaningful engagement with the cyber-criminal to prevent unintended escalation being just one.
Ransomware attacks, where hackers encrypt or exfiltrate sensitive data and demand payment (usually in cryptocurrency) to restore it, posed one of the most significant cybersecurity threats to businesses around the world in 2024, according to research by Check Point Software Technologies Ltd., a US-Israeli cybersecurity company. Chainalysis, a US blockchain analysis firm, recorded $813 million in ransomware payments in 2024. . Other geopolitical considerations across the world also increased the threat and volume of cyber-attacks.
Ransomware attacks, where hackers encrypt or exfiltrate sensitive data and demand payment (usually in cryptocurrency) to restore it, posed one of the most significant cybersecurity threats to businesses around the world in 2024, according to research by Check Point Software Technologies Ltd., a US-Israeli cybersecurity company. Chainalysis, a US blockchain analysis firm, recorded $813 million in ransomware payments in 2024. . Other geopolitical considerations across the world also increased the threat and volume of cyber-attacks.
Why Do I Need a Negotiator?
The UK Government and the Federal Bureau of Investigation (FBI) advise organisations to avoid negotiating with cyber-criminals and do not endorse the payment of ransoms. The argument is that the payment of a ransom sets a dangerous precedent and is likely to encourage further attacks. The appetite to resolve incidents in the business world is completely different.
A mantra that I follow is ‘engagement does not imply approval’. On many occasions, I have had detailed conversations with kidnappers and extortionists regarding their demands for ransom payments in exchange for the release of hostages.
Locking you or your customers out of your organisation’s network or stealing your valuable data is hostage-taking by any definition. Using a Hostage Negotiator has many benefits which, amongst others, include:
A mantra that I follow is ‘engagement does not imply approval’. On many occasions, I have had detailed conversations with kidnappers and extortionists regarding their demands for ransom payments in exchange for the release of hostages.
Locking you or your customers out of your organisation’s network or stealing your valuable data is hostage-taking by any definition. Using a Hostage Negotiator has many benefits which, amongst others, include:
- Meaningful engagement with the cyber-criminal to prevent unintended escalation.
- The capture of evidence of any criminality which may assist in the prosecution of the cyber-criminal.
- The development of intelligence to assess the continuing risk to the organisation and individuals.
- The introduction of realistic delays around the meeting of a ransom demand to facilitate the development of intelligence, to allow the network to be rolled back to an identified back-up point and testing of the system to identify the mode of attack.
- Reduce the expectation of the cyber-criminal.
- Discourage or minimise any unilateral action taken by others.
- Liaise with law enforcement if applicable.
