Skip to content

The Hidden Benefits of Negotiating With Ransomware Attackers

August 21, 2023 – Published on BankInfoSecurity

Conventional wisdom recommends to never negotiate with ransomware actors. They can’t be trusted. But Mark Lance at GuidePoint Security recently made the case that organizations can gather important information through negotiations, slow down the process and even lower the ransom demand.

At the very least, that extra time could help security and IT teams formulate a strategy, check on backups and determine whether data has been stolen. Even though an organization may not plan to pay a ransom, the lines of communication stay open – in case paying the ransom turns out to be the best option.

“It’s just buying time before they’re going to publish your information if you don’t make the payment,” Lance said. “It’s allowing you to complete more tasks and do things in a more orderly manner. Traditionally, you just ignore them, and then within anywhere from two days to a week, all of a sudden your information is released.”

Watch this video interview with Information Security Media Group filmed at Black Hat USA 2023 to learn more.

Read and Watch More HERE.