Analysts with Fox-IT (of the of NCC Group) created a database of more than 700 ransomware negotiations between 2019 and 2020.
Tip 1: Don’t lose your cool with the hackers. “A crisis can be ‘an emotional rollercoaster,’ (Fox-IT cybersecurity analyst Pepijn Hack) said, and much is at stake. Business owners can understandably become emotive. Hack advised looking at ransomware negotiation as a business transaction. Consult outside help if needed, but remain professional. ‘Being kind will lead to a better outcome,’ he noted.” [Yes, this ransomware expert is named, or at least calls himself, “Hack.”] Tip 2: Ask for more time. “‘(I)n almost all cases from the second database, the adversary was willing to extend the timer when negotiations were still going on,’ Hack said. ‘You can really see that there’s definitely some leeway with each negotiation.'”
The report includes specific and practical negotiating strategies and data points, such as a $30 million ransom demand negotiated down to $500,000.
Source: How to Negotiate With Ransomware Attackers