Before we get into how you can talk your way to a good deal with a ransomware attacker, let me start with a personal story.
I recently met a friend; she’s the owner of a local web design company. During our conversation, she told me she had been hit with a ransomware attack. She’d opened her computer and found that all of her files had been locked. She also found a ransom note. The attackers demanded she pay some money in cryptocurrency in order to have her files released.
Unfortunately, my friend isn’t alone. Many small business owners find themselves the target of ransomware attacks. These malicious hackers demand money to release control over their victim’s computers/networks/files.
I spoke with a security expert on what to do in situations like this. The feedback I got from him, along with my own experiences, is what I want to share with you in this article.
Specifically, I’ll talk about how you can talk to ransomware attackers to get the best possible outcome. The tips and tricks I’ll be discussing in detail are:
- Focus on the initial exchange
- Be realistic about the numbers
- Be honest
- Check for local language speakers
- Hire negotiation specialists
- Insure against ransomware
But before that, let’s briefly go over some dark statistics on the prevalence of ransomware.
What’s the Deal with Ransomware Attackers?
If you’re a victim of ransomware, it may come as a small consolation that you’re not alone here. According to Statista, a leading company specializing in providing market and consumer data, there were 304 million ransomware attacks in 2020 alone.
Furthermore, Statista highlighted the fact that between 2018 and 2021, the percentage of ransomware victims is continuously increasing. These statistics show that ransomware is a global problem, and that it can happen to anyone at any time. One small misstep is all it takes for attackers to take control of your system.
So, this brings up a couple of important questions. How can you talk to ransomware attackers? Can you strike a favorable deal with them?
Read on to find out the answer to these questions and more!
How To Deal With Ransomware Attackers
Typically, ransomware attackers use an infectious trojan to infiltrate your computer. Often, you or someone in your organization gets tricked into clicking a malicious link. This downloads the trojan to your network and locks your files or computer. This is why you have to implement all possible strategies to prevent an attack in the first place. Preventing an attack is much easier than dealing with it, but if you weren’t able to prevent it, please read on.
As a first step, understand that uncertainty in any negotiation with ransomware attackers is common. They may not always hold up their end of the bargain. This is why the FBI advises victims to avoid negotiations with the attackers in the first place. They argue that negotiations and the resulting payments act as incentives for attackers to continue this behavior.
That said, if you don’t negotiate, you could end up losing your data. Also, rebuilding your systems can prove to be expensive. It can impact your reputation and your business operations. In the end, it’s a thin line, so decide what path you want to take. If you do decide to negotiate, then here are six ways you can do it:
1. Focus On The Initial Exchange
Attackers will always want to wrap up a deal quickly, so they can move on to their next victim. Furthermore, they’re in constant fear of having the incident traced back to them. This is why it’s important to establish a rapport with the attacker as early as possible.
So, focus on the initial round of communication with the attackers. Don’t use a frustrated or condescending tone. Also, don’t berate them as this can rub attackers in the wrong way. Just be neutral and tell them what you can offer. From this point, focus only on the ransomware deal and bring it down as much as you can.
Establishing a good rapport greatly increases your chances of getting a favorable deal.
2. Be Realistic About The Numbers
It’s a great feeling when you settle a deal that costs no money, but that’s not practical. Keep a reasonable budget in mind and work towards that. Don’t show the attackers that you are desperate by lowering the ransom amount; this will incentivize them to keep your information hostage even longer.
3. Be Honest
Trust me when I say people can see through falsehoods, sooner or later. If you’re trying to buy time or mislead the attacker, it can cause them to cut off communications, and that’s the last thing you want. So, be honest and tell them that you need time to arrange the money. Or, you can even tell them that their demands are beyond your capacity. This sort of blunt honesty might bring you closer to finalizing a deal.
4. Check For Local Language Speakers
Some attackers may feel comfortable talking in their native tongue. Make an effort to communicate with them in their native tongue. If it’s not English, find someone who can speak that language. Using colloquial phrases can help you establish a connection with them, and might also push them to agree to a favorable deal.
5. Hire Negotiation Specialists
Many of us might not be experts in negotiation. It’s a skill that requires a great deal of patience for proper execution. So, unless you’ve handled negotiations with criminals successfully in the past, this may not be for you.
A solution here is to hire negotiation specialists who can bargain with ransomware attackers on your behalf. They are experts in navigating through extortions and ransoms. Most likely, they can get a good deal for you. Your local police station or even the local FBI office, if you reside within the United States, is a good starting point.
6. Insure Against Ransomware
Lastly, many cyber insurance companies offer insurance policies against ransomware. When you sign up for these policies, they handle all the negotiation and the resulting losses. This can free you up from these tasks.
Besides these tips, just keep a calm and neutral voice throughout. Be firm about what you can offer, and you should be able to pull off a deal.
To summarize, ransomware is more common than you’d imagine. If you end up an unfortunate victim of an attack, don’t fret; there are many ways you can go about handling it. As discussed previously, you’ve seen that you have a plethora of solutions at your disposal..
Have honest and open communication with the attacker, give a realistic idea of what you can offer, and bargain hard for it. You’ll also want to stay calm and collected throughout the ordeal. If this all sounds overwhelming, consider hiring a negotiation specialist. You may also think about getting cyber insurance to protect yourself against ransomware losses.
Have more questions about ransomware attacks? Check out the FAQ and Resources sections below!
Are ransomware attackers open to negotiations?
Most ransomware attackers are open to negotiations. Often, this is a cartel or an organization with multiple employee levels. They’ll be open to negotiations and may even have their own pricing strategies. If you have cyber insurance, the experts of the insurance company can take over, if that works better for you.
Do I need to speak the same language as the attackers?
Not necessary. Undoubtedly, it’ll help establish a connection if you find someone who speaks the same language as the attacker. But that’s not a requirement as attackers can sometimes work as a group. You’ll most likely find someone in their organization who speaks English.
Should I speak with authority when dealing with ransomware attackers?
No, it’s always a good idea to keep a calm and neutral tone as you don’t want attackers to know you’re emotional. Remember, they can use that as leverage against you. Furthermore, you’re at the receiving end of the deal, so use your communication skills well. If you struggle with communication, call someone who can help you.
What can I do if I receive a ransomware note?
Inform your IT department right away if this happens at your workplace. If your personal computer gets hacked, your best bet is to reach out to the local police or FBI office. You can even talk to negotiation specialists; they know what to do in these situations.
Should I pay a ransomware demand?
It depends on the severity of the attack and what’s at stake. The FBI strongly advises you against paying. That said, it can take a long time to rebuild and/or restore your files/applications. In some cases, especially for small businesses, it can even lead to business closure. Remember, you have no guarantee that the attacker will go through with the deal. At best, you can show that you’re more than inclined to pay the agreed on ransom. This is sure to boost your chances of getting a good deal.
Subscribe to our newsletters for more quality content.
TechGenix: Article on the Kronos ransomware attack
Read this article to learn more about the Kronos ransomware attack.
TechGenix: Article on holiday ransomware attacks
Click here to read up on ransomware attack warnings by CISA and the FBI.
TechGenix: Article on ransomware-as-a-service
Learn all about ransomware-as-a-service here.
TechGenix: Article on the REvil ransomware attack
Click here to learn all about the REvil ransomware attack.
TechGenix: Article on Europol’s successful anti-ransomware project
Click here to learn all about Europol’s anti-ransomware project.
WServerNews: Ransomware attack on Exchange
Subscribe to WServerNews and find out what happens when a ransomware attack hits Microsoft Exchange.
FBI: Guide on How To Protect Yourself Against Cybercrime
Head to this page to know more about what you can do if you’re facing a ransomware attack. If you reside within the United States, you can also find your local FBI office on this page.
ENISA: Cybersecurity Measures To Take In Europe
Click here to learn all about cybersecurity measures in Europe including the possible people to contact.