7 best practices for negotiating ransomware payments

Whether through ransomware, data theft, a distributed denial of service (DDoS) attack or General Data Protection Regulation (GDPR)-based extortion, criminals demanding money from organizations in exchange for the return of data or the ability to continue business operations remain a common occurrence.

The best advice, of course, is not to pay, but as a last resort some organizations might feel the need to negotiate with cybercriminals during a cyberattack.

Perhaps the backups have failed, maybe criminals have your most sensitive data, or the size of a threatened DDoS attack would overwhelm your systems. An older study from 2015 estimated as many as 30 percent of security professionals would be willing to negotiate to get their data back, but who should take the lead, and how should you go about negotiating?

Corporate extortion and ransomware were listed as the “most significant risks to businesses” by 72 percent of respondents in a global survey of 900 CIOs by Logicalis, and Europol’s 2018 Internet Organised Crime Threat Assessment found an increasing trend of cyber extortion and predicted more in the future.

What the data says about paying ransoms

The FBI, the UK’s National Crime Agency, and most cybersecurity experts recommend never paying the ransom. Aside from the ethics of funding criminals, there are no guarantees that criminals will stick to their end of the bargain, and paying could encourage further attempts at extortion. Depending on your industry.


This article originally appeared on Csoonline.com