How to negotiate with ransomware hackers?

Matthias Schranner, a former FBI hostage negotiator and CEO of the Schranner Negotiation Institute, defines 5 steps on how to negotiate with ransomware hackers.

Become a skilled negotiator and learn new deal making and contract negotiation techniques to be used if you company has fallen victim to a cybercrime.

Step 4: Set boundaries and prepare the payment

It is widely known that ransomware attacks are mainly paid in cryptocurrency. We recommend having a contingency fund for that as it might take up to a few days to get the funds. 

Always set boundaries in a negotiation process.

The Negotiator is the one who is going to discuss all the payment details. However, the Negotiator needs to set certain boundaries (E.g. the minimum and the maximum amount to be paid or other requirements) that they have to discuss with the company or team prior to making any commitments. 

An answer to the violation of the boundaries always should be an action, not a reaction. The assessment on whether your boundaries have been crossed is based on your very own perception. 

Suppose the boundaries have been violated; the first thing to do in this case is to issue a clear warning – not a threat. Example: During a hostage-taking, a Negotiator points out that they are willing to discuss the matter but expect cooperation: “Look, I’m here so that we can talk and find a way out of this situation together. But if we do not reach an agreement, someone else will take over and decide at a certain point. As you can see, the snipers are ready.” Emphasize that the actions of a cybercriminal will start a chain of irreversible actions. 

Follow us on LinkedIn.




Do you want to be better prepared for difficult negotiations?

Receive a checklist, based on the SCHRANNER CONCEPT®

In clicking „Receive Checklist“ you are agreeing to our Privacy Policy.