How to negotiate with ransomware hackers?

Matthias Schranner, a former FBI hostage negotiator and CEO of the Schranner Negotiation Institute, defines 5 steps on how to negotiate with ransomware hackers.

Become a skilled negotiator and learn new deal making and contract negotiation techniques to be used if you company has fallen victim to a cybercrime.

Step 5: Prepare and commence negotiations

Prepare extensively ahead of the negotiation. A good negotiator will also analyze their positions and motives in great detail before the negotiation, including their needs and weaknesses. If you do not know your weak spots, you will be an easy prey for your opponent. 

Strategic preparation is an integral part of the professional preparation for negotiations. It is essential to set out the game’s rules in the form of an agenda right at the beginning. Then everyone knows the primary conditions and limits. Violating the basic rules means immediate termination of negotiations.

You have two tactical entry alternatives to enter the negotiation with cybercriminals. Choose the one which shows your negotiating partner that you are the leader in this negotiation. 

1.Place a high demand

With this approach, you force your negotiating partner to react right at the beginning. They will usually comment on this demand and thus reveal important information. (E.g., provide an immediate proof that the system can be restored.) Those who dare to make realistic but high demands at the beginning of the negotiation will always win. Surprise and reactions on the opposite side are almost guaranteed.

2.Wait for a demand
Suppose you ask the other party to reveal their demands. As soon as they do so, you question it: “Is this demand realistic?” Only unprofessional negotiators will make concessions in response to criminal’s demands and lower their expectations.

The next step is to place your demand based on that of your opponent. Your claim should be outside of the “ZOPA” (Zone of potential agreement) to give you more flexibility in dealing. Finally, you both should meet in the middle (you manage to shift in your favor by placing the proper demand.)

Preventing cyberattacks

Most cyberattack negotiations are resolved in a matter of hours or days. However, Chief Information Security Officers can always mitigate the risk by hiring or outsourcing a cybersecurity specialist, who can check the system for any potential weaknesses that make it vulnerable to ransomware hackers.

Follow us on LinkedIn.




Do you want to be better prepared for difficult negotiations?

Receive a checklist, based on the SCHRANNER CONCEPT®

In clicking „Receive Checklist“ you are agreeing to our Privacy Policy.