The Gately Report: GuidePoint Security On Do’s, Don’ts of Ransomware Negotiation
May 1, 2023 – Published on Channel Futures
Ransomware negotiation is a tricky job as ransomware gangs continuously shift their tactics to get as much money as quickly as possible from victims.
Mark Lance, GuidePoint Security‘s vice president of digital forensics and incident response (DIFR) and threat intelligence, specializes in ransomware negotiation. We caught up with him at last week’s RSAC 2023.
A new GuidePoint Security report based on publicly available resources shows a 25% increase in ransomware victims in the first quarter from the fourth quarter, and a 27% increase compared to the first quarter of last year. The report tracked 849 total publicly posted ransomware victims claimed by 29 different threat groups in the first quarter.
We spoke with Lance about the ins and outs of ransomware negotiation amid this increase in attacks.
Have ransomware gangs been changing their tactics amid the Ukraine crisis?
“If you look at the evolution of the threat, initially it started out very largely about the encryption and operational impacts. Then a couple of years ago, we saw them start doing the double extortion method where they’re stealing information from the environment prior to performing the encryption and even if you’re able to recover, they’re still going to try to get payment through the extortion of the data that they stole by saying that they won’t release the information if you pay them. With the Russia-Ukraine incident, I wouldn’t say it has changed the methods that we’ve seen. I think we’ve seen some unique impact where the methods they’re using right now are working, they’re effective and they’re making a ton of money.
Read More HERE.