How Does a Ransomware Negotiation Work?
Criminals have always held people hostage to get what they want. In the modern digital world, they prefer stealing data to force consumers or corporations to pay top dollar for its return — and unfortunately, ransomware isn’t going away...
Criminals have always held people hostage to get what they want. In the modern digital world, they prefer stealing data to force consumers or corporations to pay top dollar for its return — and unfortunately, ransomware isn’t going away anytime soon. Often, victims need their data back; but without backups, their options typically dwindle to either paying the full price or negotiating.
This is how a ransomware negotiation works and everything you need to know to stay safe in the digital age.
What Is a Ransomware Attack?
Cryptoviral extortion doesn’t always involve breaking into a business to steal computers. It doesn’t even require the theft of hard drives. Many ransomware criminals send malicious software (malware) to potential victims that appear to come from a trusted person or company. (https://www.itproportal.com/features/the-four-most-popular-methods-hackers-use-to-spread-ransomware/)
What Do Ransomware Attacks Look Like?
When someone clicks on a bugged link, attachment, or photo in a phishing email, the malware searches their computer for valuable, sensitive data. That can be information such as:
Passwords Social Security numbers Credit card numbers Banking information Phone numbersCybercriminals want this data to extort victims. They know people need that information to pay bills, keep the lights on, and access food, so they present a short-term deadline to pay a ransom and get the data back.
If people don’t pay the amount requested, the ransomware attackers may steal money from the victim’s bank accounts and publish private data so others can do the same.
How to Protect Against Ransomware Attacks
There are a few ways people can protect against ransomware attacks from happening to themselves, their loved ones, or their co-workers. Practice using these tips to keep your data safe.
1. Use Strong Passwords
A study found that 80% of hacked security breaches happen because people use weak passwords or the same ones for multiple accounts. Your preferred passwords may be too short and uncomplicated to protect your sensitive data adequately.
Experts recommend that anyone with a digital presence use 16-character passwords that include alphabetical and numerical digits, plus special characters like exclamation marks or ampersands. You can also look into an encrypted security bank to save your complicated passwords and autofill them when you need to log into websites.
2. Attend Phishing Training Classes
Every workplace should have annual training classes to teach everyone how to spot and avoid phishing scams. Whether in-person or digital training, don’t miss the valuable education.
If your workplace doesn’t currently have phishing training, speak with your manager or the business owner about starting it. The latest research shows that this type of training reduces clicking on phishing links by nearly half, from a 47.5% click-through rate to a 24.5% rate.
3. Talk About Cybersecurity Automation
Automated cybersecurity is another layer of protection between people and cybercriminals. Talk about investing in a program with your boss or other leaders in your company if you’re a business owner.
Automated cybersecurity provides multiple benefits, including automated testing and responses to potential ransomware links before any employee can click on them. It also immediately alerts selected users of activated ransomware if an attack occurs.
4. Only Open Verified Emails
It’s always a good idea to only open emails from people you know personally. Check each sender’s address to ensure it isn’t a copycat email or a spam sender with heightened-risk content.
You can also check with the person who potentially sent the email to verify they emailed you the link or attachment. It only takes a moment to determine if something is safe to open. The extra effort will keep you or your company from paying the average $1.4 million ransom (sophos dot com)to get your sensitive data back.
5. Install Anti-Malware Software
Anti-malware software is easy to install and works behind the scenes while you spend time online. It automatically tests each link, attachment, and downloaded content before you can click on anything. Your chosen software may also remove any suspected malware so you can’t accidentally open it in the months or years ahead.
Should Attack Victims Engage in Ransomware Negotiation?
The U.S. Federal Bureau of Investigation (FBI) recommends that anyone involved in a ransomware attack submit an online tip or call their local field office for legal assistance. It’s best to get advice from people professionally trained to handle that type of situation to potentially save yourself from paying anything at all.
Most of the time, law enforcement recommends that victims avoid paying the fee for their data. It only teaches the hackers that you’re willing to hand your money over, so they’ll likely return.
There’s also a likely chance they’ll take your money and never return your sensitive information. A 2021 report found that only 4% of ransomware victims who paid the fee actually got all their data back.
How a Ransomware Negotiation Works
When ransomware hits, an incident response team or trained professional will verify how the attacker got your information, kick them off your network, and establish their credibility. They’ll also contact law enforcement for additional response guidance.
It’s also in your best interest to contact any insurance providers who have a digital security policy with you to ask them for approval for legal counsel and potentially pay the ransom.
Attackers usually require that victims use a specified communication channel for all conversations. People must then decide if it will cost more to keep their network down and allow law enforcement to track the cybercriminals or if they need to get back up immediately.
The second option is often what seems best for organizations like hospitals that need their software to treat emergency cases or surgical patients.
Tips to Negotiate a Ransomware Attack
If you believe you should engage in a ransomware negotiation with the attackers, use these tips to make the experience as seamless as possible.
1. Contact the FBI
Always follow the recommendations of law enforcement from the start of a ransomware attack. Filing a tip or calling your local FBI field office will connect you with experts who have handled similar situations. You’ll get the best results and legal advice if you don’t manage the problem alone.
2. Find Out What the Hackers Stole
The attackers should tell you exactly what information they stole and how much they have through their preferred chat system. They’ll name a price for the data and potentially decrypt a file or two as proof of what they have.
3. Look for Backups
Individuals and businesses should back up their data regularly to protect against loss. If a ransomware attack occurs or someone breaks their computer, you can restore your data from the latest backup and take control of the situation without losing money.
Even if your business has regularly scheduled backups, be sure to monitor them continuously. Many businesses think they’ve backed up their crucial data, but an average of 10-15% of that data is never backed up due to preventable errors.
4. Weigh Your Options
You’ll have to weigh your other options if you don’t have a data backup. Companies under immense time pressure — like hospitals that need to access digitally locked medications or businesses that provide essential services like natural gas distribution — may be unable to wait through negotiations.
Say you need to pay the ransomware. The attackers may work with you if you provide proof that you don’t have enough money. Many ransomware hackers will lower their original demand because they’ll take any payment over none at all.
5. Find a Data Recovery Service
Many data recovery services can save some, if not all, of your lost information without paying hackers. The fee may be extensive, but it could be less than the cybercriminals are demanding. Look into your options and get quotes before giving thieves any money.
Learn More About Ransomware Negotiation
It’s much easier to take preventive steps after learning how a ransomware negotiation works. Invest in malware software, upgrade your passwords, and look into insurance policies. They’ll minimize your risk and keep your information safe.
Featured Image Credit: Provided by the Author; Pexels; Thank you!
Zac Amos
Zac is the Features Editor at ReHack, where he covers tech trends ranging from cybersecurity to IoT and anything in between.