Skip to content

What ransomware negotiations look like

Posted by: GuidePoint Security

< 1 min read

September 9, 2021 – Article posted on Cybersecurity Dive 

Fear can overwhelm the decision of whether to pay a ransom. When considering whether to pay, companies want to know how quickly operations can resume while uncovering the hole that allowed the ransomware in. As for the negotiation, companies have to take a backseat.

When COVID-19 began to put serious pressure on healthcare organizations, cybercriminals took advantage, especially ransomware gangs. But in at least one instance, a victim healthcare organization was able to level with their attackers.

“The threat actor basically said, ‘Hey, we’re actually really sorry about that. We’re not trying to hit healthcare organizations, we’re just going to give you a decrypter,” said Drew Schmitt, principal threat intelligence analyst at GuidePoint Security, who has been partnering with third parties since 2019 to negotiate ransom payment.

Some ransomware groups are “not necessarily just doing what they’re doing to watch the world burn. There are varying levels of how some groups feel about their operations,” he said. “One of the most notable experiences I’ve had is having that free issuing of the decryptor.”

Not all organizations are as lucky and not all cybercriminals have a moral compass….

Read More HERE.

Categories: Cybersecurity News
Tags:GRIT

GuidePoint Security

GRIT 2025 Q1 Ransomware & Cyber Threat Report
Trends and threats from the past year, with insights to protect your organization.
Download Now

Related Articles

View All

  • GRIT Blog
Risky Recovery: Ransomware “Decryption” Scams Remain in 2024
Posted by: Justin Timothy
Published 09/19/24, 09:00am
Read More 8 min read
  • GRIT Blog
GRIT Ransomware Report: April 2024
Posted by: Jason Baker
Published 05/16/24, 08:50am
Read More 14 min read
  • Blog
The Evolution of Ransomware
Posted by: Tristan Morris
Read More 4 min read