{"id":5926,"date":"2023-07-20T14:59:40","date_gmt":"2023-07-20T14:59:40","guid":{"rendered":"https:\/\/mysourcefunding.com\/startups\/eight-steps-to-negotiating-with-ransomware-hackers\/"},"modified":"2023-07-20T14:59:41","modified_gmt":"2023-07-20T14:59:41","slug":"eight-steps-to-negotiating-with-ransomware-hackers","status":"publish","type":"post","link":"https:\/\/mysourcefunding.com\/?p=5926","title":{"rendered":"Eight Steps To Negotiating With Ransomware Hackers"},"content":{"rendered":"<div>\n<p><em>Founder, <\/em><em data-ga-track=\"ExternalLink:https:\/\/www.beforecrypt.com\/en\/ransomware-recovery\/\">BeforeCrypt GmbH<\/em><em> \u2013 The Leading Ransomware Experts In Europe.<\/em><\/p>\n<p>In his famous work <em>The Art of War<\/em>, Sun Tzu wrote, &#8220;If you know your enemy and know yourself, you need not fear the result of a hundred battles.&#8221; I see this ancient wisdom perfectly summing up how businesses should approach negotiating with ransomware hackers.<\/p>\n<p>Understanding your own organization and the impact of a ransomware attack\u2014along with information about the attackers\u2014can help you decide how to negotiate or if you should negotiate at all. So how do you navigate a high-stress ransom situation? Below are eight steps you can follow.<\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Step 1: Build A Team<\/h2>\n<p>The first step of ransomware response is forming a team. You will need a team leader who has an overview of the situation and can present that data to decision makers. This may require coordinating with the heads of different departments in order to properly collect the data.<\/p>\n<p><fbs-ad position=\"inread\" progressive=\"\" ad-id=\"article-0-inread\" aria-hidden=\"true\" role=\"presentation\"><\/fbs-ad><\/p>\n<p>You\u2019ll also need team members qualified to handle different tasks, from setting up secure communication channels to summarizing data for decision makers to actually making a ransom payment.<\/p>\n<p>If you bring in a professional ransomware response team, you will need to designate team members to facilitate their work.<\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Step 2: Contact Law Enforcement<\/h2>\n<p>Before you start talking to the hackers, it\u2019s best to contact law enforcement and report the breach. A designated team member should handle collecting the data needed for the police report and communicating with the authorities.<\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Step 3: Set Up Secure Communications<\/h2>\n<p>The hackers may be watching you try to get inside information they can use in the negotiation process. It\u2019s important to keep all communications related to the negotiations secure and encrypted.<\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Step 4: Damage Assessment<\/h2>\n<p>It only makes sense to pay a ransom if the benefit is greater than the cost. That means you need to know things like:<\/p>\n<p>\u2022 How much of the network has been breached?<\/p>\n<p>\u2022 What types of data have been compromised?<\/p>\n<p>\u2022 What are the costs associated with data leaks (i.e., patient data, customer data, trade secrets, etc.)<\/p>\n<p>You also need to know how the encrypted data will affect your work.<\/p>\n<p>\u2022 How will the loss of encrypted data affect operations? How much will the disruption cost?<\/p>\n<p>\u2022 How long would it take to get back to normal by manually recovering the data or reconstructing the data?<\/p>\n<p>\u2022 What will the damage look like in terms of customer relations and brand image?<\/p>\n<p>Hackers know this is a lot to consider. This is why they will likely try to put pressure on you\u2014they don\u2019t want you to have enough time to make good, informed decisions.<\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Step 5: Make Contact<\/h2>\n<p>If you can, it\u2019s best to avoid paying a ransom, and most law enforcement agencies recommend avoiding it if possible. If the costs of the attack are too high, however, it may be necessary to contact the hackers. There are also some things to keep in mind when making contact.<\/p>\n<h3 class=\"subhead3-embed color-body bg-base font-accent font-size text-align\">Exercise caution when talking to attackers.<\/h3>\n<p>Watch out for hackers trying to trick you into giving up information that can be used against you. Stay calm and don\u2019t give up any sensitive information when talking with them.<\/p>\n<h3 class=\"subhead3-embed color-body bg-base font-accent font-size text-align\">Verify the extent of data loss.<\/h3>\n<p>Before you start negotiating the ransom, make sure the attackers aren\u2019t bluffing. Don\u2019t trust any of their claims and ask for proof. In some cases, they will upload the files to a server where you can see them, in which case you know their threats are authentic.<\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Step 6: Assess The Ransom Demand<\/h2>\n<p>At this point, you should know:<\/p>\n<p>\u2022 How big the scope of the attack is.<\/p>\n<p>\u2022 How much downtime you are facing if you do not recover the data.<\/p>\n<p>\u2022 How long it will take you to get back to normal if you recover the data.<\/p>\n<p>\u2022 A rough estimate of the cost of not recovering the data.<\/p>\n<p>If the cost of a ransom is less than the damage of not paying it, it makes economic sense to pay the ransom.<\/p>\n<h3 class=\"subhead3-embed color-body bg-base font-accent font-size text-align\">Who are you dealing with?<\/h3>\n<p>After making contact with the hackers, it\u2019s critical to know what group you are dealing with. Some gangs are notorious for demanding multiple ransom payments after promising not to leak data. Others try to build a good &#8220;reputation&#8221; since they know this will make it easier to get paid.<\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Step 7: Make Counter-Offers<\/h2>\n<p>According to Cybernews, most ransoms can be negotiated down by at least 20% and sometimes up to 90%. Discounts of over 50% are common in the majority of negotiations. It\u2019s helpful to be aware of the typical range of ransom payments for organizations similar to yours so you know approximately what the attackers will expect.<\/p>\n<p>The same Cybernews article found that the average ransom paid by a small company is approximately 0.22% of its annual total revenue. This figure can be a starting point to give you an approximate idea of what ransom size to expect. However, ransoms can fluctuate depending on the nature of the attack and the operational methods of the attackers.<\/p>\n<h3 class=\"subhead3-embed color-body bg-base font-accent font-size text-align\">Negotiation techniques<\/h3>\n<p>One common negotiation technique is to offer a smaller sum now or a bigger sum later and claim the inability to pay. For example, a message to the hackers might read something like this:<\/p>\n<p>&#8220;Our company doesn\u2019t have enough capital right now to pay that amount. However, we have $80,000, which we can pay right now if you deliver the decryption key and delete the data.&#8221;<\/p>\n<p>At the same time, don\u2019t insult the attacker&#8217;s intelligence by making ridiculous claims. If you lose credibility with the attackers, it can hurt your negotiating position.<\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Step 8: Make The Payment<\/h2>\n<p>Actually making the payment is not technically part of the negotiation, but payment methods can affect negotiations. Some hackers offer discounts if you agree to pay them with an anonymous cryptocurrency like Monero (XMR).<\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Keep Calm And Carry On<\/h2>\n<p>It\u2019s important to approach ransomware negotiations with a level head. Panicking won\u2019t help anything. Don\u2019t be afraid to ask for more time if the hackers are threatening you, and don\u2019t hesitate to consult with experts or hire professionals if you feel overwhelmed.<\/p>\n<p>Forbes Business Council is the foremost growth and networking organization for business owners and leaders. <em data-ga-track=\"InternalLink:https:\/\/councils.forbes.com\/qualify?utm_source=forbes.com&amp;utm_medium=referral&amp;utm_campaign=forbes-links&amp;utm_term=fbc&amp;utm_content=in-article-ad-links\">Do I qualify?<\/em><\/p>\n<\/div>\n<p>Read the full article <a href=\"https:\/\/www.forbes.com\/sites\/forbesbusinesscouncil\/2023\/07\/20\/eight-steps-to-negotiating-with-ransomware-hackers\/\" target=\"_blank\" rel=\"noopener\">here<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Founder, BeforeCrypt GmbH \u2013 The Leading Ransomware Experts In Europe. In his famous work The Art of War, Sun Tzu wrote, &#8220;If you know your enemy and know yourself, you need not fear the result of a hundred battles.&#8221; I see this ancient wisdom perfectly summing up how businesses should approach negotiating with ransomware hackers. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":5927,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[77],"tags":[],"class_list":{"0":"post-5926","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-startups"},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Eight Steps To Negotiating With Ransomware Hackers | Brandiary<\/title>\n<meta name=\"description\" content=\"Founder, BeforeCrypt GmbH \u2013 The Leading Ransomware Experts In Europe. In his famous work The Art of War, Sun Tzu wrote, &quot;If you know your enemy and know\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mysourcefunding.com\/?p=5926\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Eight Steps To Negotiating With Ransomware Hackers | Brandiary\" \/>\n<meta property=\"og:description\" content=\"Founder, BeforeCrypt GmbH \u2013 The Leading Ransomware Experts In Europe. In his famous work The Art of War, Sun Tzu wrote, &quot;If you know your enemy and know\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mysourcefunding.com\/?p=5926\" \/>\n<meta property=\"og:site_name\" content=\"Brandiary\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-20T14:59:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-20T14:59:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/07\/1689865181_0x0.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1136\" \/>\n\t<meta property=\"og:image:height\" content=\"758\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"News Room\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"News Room\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/mysourcefunding.com\/?p=5926#article\",\"isPartOf\":{\"@id\":\"https:\/\/mysourcefunding.com\/?p=5926\"},\"author\":{\"name\":\"News Room\",\"@id\":\"https:\/\/mysourcefunding.com\/#\/schema\/person\/5062dafb0f932b59aa228f1a047332f4\"},\"headline\":\"Eight Steps To Negotiating With Ransomware Hackers\",\"datePublished\":\"2023-07-20T14:59:40+00:00\",\"dateModified\":\"2023-07-20T14:59:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/mysourcefunding.com\/?p=5926\"},\"wordCount\":1047,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/mysourcefunding.com\/#organization\"},\"articleSection\":[\"Startups\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/mysourcefunding.com\/?p=5926#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/mysourcefunding.com\/?p=5926\",\"url\":\"https:\/\/mysourcefunding.com\/?p=5926\",\"name\":\"Eight Steps To Negotiating With Ransomware Hackers | Brandiary\",\"isPartOf\":{\"@id\":\"https:\/\/mysourcefunding.com\/#website\"},\"datePublished\":\"2023-07-20T14:59:40+00:00\",\"dateModified\":\"2023-07-20T14:59:41+00:00\",\"description\":\"Founder, BeforeCrypt GmbH \u2013 The Leading Ransomware Experts In Europe. In his famous work The Art of War, Sun Tzu wrote, \\\"If you know your enemy and know\",\"breadcrumb\":{\"@id\":\"https:\/\/mysourcefunding.com\/?p=5926#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/mysourcefunding.com\/?p=5926\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/mysourcefunding.com\/?p=5926#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/mysourcefunding.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Eight Steps To Negotiating With Ransomware Hackers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/mysourcefunding.com\/#website\",\"url\":\"https:\/\/mysourcefunding.com\/\",\"name\":\"Brandiary\",\"description\":\"Latest Business and Startup News and Updates\",\"publisher\":{\"@id\":\"https:\/\/mysourcefunding.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/mysourcefunding.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/mysourcefunding.com\/#organization\",\"name\":\"Brandiary\",\"url\":\"https:\/\/mysourcefunding.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/mysourcefunding.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/b-logo-1.png\",\"contentUrl\":\"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/b-logo-1.png\",\"width\":381,\"height\":100,\"caption\":\"Brandiary\"},\"image\":{\"@id\":\"https:\/\/mysourcefunding.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/mysourcefunding.com\/#\/schema\/person\/5062dafb0f932b59aa228f1a047332f4\",\"name\":\"News Room\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/mysourcefunding.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/avatar_user_1_1688031660-96x96.png\",\"contentUrl\":\"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/avatar_user_1_1688031660-96x96.png\",\"caption\":\"News Room\"},\"sameAs\":[\"https:\/\/mysourcefunding.com\"],\"url\":\"https:\/\/mysourcefunding.com\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Eight Steps To Negotiating With Ransomware Hackers | Brandiary","description":"Founder, BeforeCrypt GmbH \u2013 The Leading Ransomware Experts In Europe. In his famous work The Art of War, Sun Tzu wrote, \"If you know your enemy and know","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mysourcefunding.com\/?p=5926","og_locale":"en_US","og_type":"article","og_title":"Eight Steps To Negotiating With Ransomware Hackers | Brandiary","og_description":"Founder, BeforeCrypt GmbH \u2013 The Leading Ransomware Experts In Europe. In his famous work The Art of War, Sun Tzu wrote, \"If you know your enemy and know","og_url":"https:\/\/mysourcefunding.com\/?p=5926","og_site_name":"Brandiary","article_published_time":"2023-07-20T14:59:40+00:00","article_modified_time":"2023-07-20T14:59:41+00:00","og_image":[{"width":1136,"height":758,"url":"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/07\/1689865181_0x0.jpg","type":"image\/jpeg"}],"author":"News Room","twitter_card":"summary_large_image","twitter_misc":{"Written by":"News Room","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mysourcefunding.com\/?p=5926#article","isPartOf":{"@id":"https:\/\/mysourcefunding.com\/?p=5926"},"author":{"name":"News Room","@id":"https:\/\/mysourcefunding.com\/#\/schema\/person\/5062dafb0f932b59aa228f1a047332f4"},"headline":"Eight Steps To Negotiating With Ransomware Hackers","datePublished":"2023-07-20T14:59:40+00:00","dateModified":"2023-07-20T14:59:41+00:00","mainEntityOfPage":{"@id":"https:\/\/mysourcefunding.com\/?p=5926"},"wordCount":1047,"commentCount":0,"publisher":{"@id":"https:\/\/mysourcefunding.com\/#organization"},"articleSection":["Startups"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/mysourcefunding.com\/?p=5926#respond"]}]},{"@type":"WebPage","@id":"https:\/\/mysourcefunding.com\/?p=5926","url":"https:\/\/mysourcefunding.com\/?p=5926","name":"Eight Steps To Negotiating With Ransomware Hackers | Brandiary","isPartOf":{"@id":"https:\/\/mysourcefunding.com\/#website"},"datePublished":"2023-07-20T14:59:40+00:00","dateModified":"2023-07-20T14:59:41+00:00","description":"Founder, BeforeCrypt GmbH \u2013 The Leading Ransomware Experts In Europe. In his famous work The Art of War, Sun Tzu wrote, \"If you know your enemy and know","breadcrumb":{"@id":"https:\/\/mysourcefunding.com\/?p=5926#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mysourcefunding.com\/?p=5926"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/mysourcefunding.com\/?p=5926#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mysourcefunding.com\/"},{"@type":"ListItem","position":2,"name":"Eight Steps To Negotiating With Ransomware Hackers"}]},{"@type":"WebSite","@id":"https:\/\/mysourcefunding.com\/#website","url":"https:\/\/mysourcefunding.com\/","name":"Brandiary","description":"Latest Business and Startup News and Updates","publisher":{"@id":"https:\/\/mysourcefunding.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mysourcefunding.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mysourcefunding.com\/#organization","name":"Brandiary","url":"https:\/\/mysourcefunding.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mysourcefunding.com\/#\/schema\/logo\/image\/","url":"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/b-logo-1.png","contentUrl":"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/b-logo-1.png","width":381,"height":100,"caption":"Brandiary"},"image":{"@id":"https:\/\/mysourcefunding.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/mysourcefunding.com\/#\/schema\/person\/5062dafb0f932b59aa228f1a047332f4","name":"News Room","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mysourcefunding.com\/#\/schema\/person\/image\/","url":"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/avatar_user_1_1688031660-96x96.png","contentUrl":"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/avatar_user_1_1688031660-96x96.png","caption":"News Room"},"sameAs":["https:\/\/mysourcefunding.com"],"url":"https:\/\/mysourcefunding.com\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/posts\/5926","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5926"}],"version-history":[{"count":1,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/posts\/5926\/revisions"}],"predecessor-version":[{"id":5928,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/posts\/5926\/revisions\/5928"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/media\/5927"}],"wp:attachment":[{"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5926"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5926"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5926"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}