Companies Manage to Bargain With Ransomware Racketeers

Ransom Extortion

Revelations of the Ransom-Negotiator

In May, the racketeer-bargaining specialist (the negotiator) at a European production company had received an unexpected chat message from a malefactor who had hacked the specialist’s client.

Ransom negotiations, aimed at lowering the demands of racketeers, are the realm totally dominated by lawyers, consulting, and information security companies who know the nuts and bolts of working with hacker groups. The Palo Alto Networks Research shows that ransoms in 2021 grew to $2.2 million, becoming twice larger compared to the previous year. Palo Alto Networks state that the victims usually pay less than half of the initial ransom amount (around $541 000.)

The negotiator has shared this information on conditions of anonymity since he is not at liberty to discuss details of his work. The specialist’s job is to soften the demands of the extortionists.

“We need to know that you are honest with us,” – said the criminals, demanding a copy of the expert’s contract with the victims as proof of the legality of the specialist’s work after getting startled and nervous during the conversation.

The expert said that the crooks feared he would get an additional sum of money taken from the ransom amount.

After that, the hackers unexpectedly offered the negotiator to share the rest of their victims’ details with him to work for them. The crooks even offered the man to pay him a fee for each client; however, he refused.

As the expert concludes, the racketeers who contacted him were part of the Haron ransomware group, whose attack on Colonial Pipeline facilities stalled the supply of gas to the USA, eventually leading to arrests of the Russia-related hacking groups.

By Stephanie Adlam

I write about how to make your Internet browsing comfortable and safe. The modern digital world is worth being a part of, and I want to show you how to do it properly.

View all of Stephanie Adlam's posts.

Leave a comment

Your email address will not be published.