An analysis of ransomware attack negotiation-data offers best practices.
Ransomware has become part of the cost of doing business, and driving down that cost can be the difference between recovery and catastrophe.
A data analysis from Fox-IT, part of NCC Group, offers some best practices for how to minimize the fallout of a ransomware attack, after creating a dataset of 700 ransomware negotiations which occurred between 2019 and 2020.
Once breached, the researchers explain the optimal response is none, but of course, that’s a luxury most victims can’t afford.
Fox-IT cybersecurity analyst Pepijn Hack and Zong-Yu Wu, a threat analyst with the company, explained that when negotiation is the only choice, there are strategies to affect the best possible outcome.
“There is a negative sentiment in our society towards paying or negotiating with criminals, and the legitimacy and ethics of it are also questionable to say the least,” the report said. “Nonetheless, we realize that a significant percentage of companies currently do end up paying the ransom demand.”
Ransomware Econ 101
Ransomware groups already know how much their victims can afford to pay, the data shows. Their business model depends on them knowing how potentially lucrative a