https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

MSSP Insider


Shutterstock

Cybersecurity Roundup

Ransomware Negotiators Stay Busy as Attacks Escalate

  • Written by Edward Gately
  • October 2, 2020
After getting a ransomware payment from a company, the cybercriminal may return for more.

It’s a busy time for ransomware negotiators with cybercriminals targeting more businesses and demanding bigger payments.

Ransomware attacks and ransom payments are on the rise, with ransoms now more likely to exceed $1 million, according to recent research by Barracuda. There’s been a significant increase in ransom payments in the past year. And many ransomware victims have not prepared enough, so they end up paying the ransom.

On Thursday, the U.S. Treasury Department published guidelines for special circumstances where a ransomware payment may break U.S. sanctions. The guidelines apply when an individual or company has had its data encrypted by a ransomware gang that is either sanctioned or has affiliations with a cybercrime group sanctioned by the Treasury Department in years past.

So, how do ransomware negotiators work? Should organizations always try to negotiate?

Cytelligence's Ed Dubrovsky

Cytelligence’s Ed Dubrovsky

To find out more, we spoke with Ed Dubrovsky, COO and managing partner of Cytelligence. The company handled ransomware negotiations until Aon acquired it earlier this year. It now works with third parties and helps them handle negotiations.

Channel Futures: When do ransomware negotiators step in?

Ed Dubrovsky: Threat actors come in and they impact as many systems as they can to cause a very big impact on an organization. With a small organization they will … encrypt all systems. And with a large organization, they will deploy an automatic means to encrypt all the data. And then you basically have to go and talk to them because your ability to do anything else is diminished. Even larger organizations with backups may still be compelled to negotiate with these threat actors because the amount of time to recover and the cost to the business to be down for that duration could actually be higher than making a payment to the threat actors, and then both recovering from your backups … and decrypting files.

CF: Are many cybercriminals willing to work with ransomware negotiators? Will they accept a lesser amount?

ED: It’s very difficult to negotiate with certain threat actors because of perhaps language or they’re set in their ways in terms of, “We believe you’re making that much money and hence we want that much money, and we’re not going to negotiate.” But it’s not just about the initial demand and the final demand, and whether you need a negotiator to decrease that number.

You could potentially negotiate with them and say, “You give me the data and I’ll pay you for it.” Or you could basically say, “We’re not paying you; go ahead and publish.” That costs zero to the client and then the bad guys go and publish. Yes, it’s in the public domain. But the client didn’t really care because the data did not contain any personally identifiable information about individuals. So it was not secret information. But what was more important was getting back to business. So every case is a little different.

The majority is always about how can we minimize the final demand. But it’s also about how fast we can get to that final demand. It’s costing money, and potentially loss of business and reputation and so on. So it’s definitely a time-sensitive process.

CF: What happens once cybercriminals and ransomware negotiators agree on an amount?

ED: The threat actors will …

  • Page 1
  • Page 2
  • Page 3
  • Page 4
Tags: MSPs Business of Security Cloud and Edge EMEA Endpoint IoT MSSP Insider

Related


  • Spinoff Company
    IBM Names 2 Senior Execs for NewCo Spinoff
    The leaders bring a combined 55 years of experience to their new roles.
  • Social Engineering
    How Are Your Clients Handling Social Engineering? Chances Are, Not Well
    New research from MSP Electric shows where COVID-19-fueled threats are especially problematic.
  • Depiction of a supply chain
    Full-Stack ICT Supply Chain Ownership Becoming a Thing of the Past
    To own or not to own? Supply chain model changes bring new players to the forefront.
  • Malware alert
    It's Raining Malware: Understanding and Protecting Against Today's Threats
    From using VPNs to heightened security awareness, companies must work harder to stop attacks as people work from home.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Ready To Add Cutting Edge IoT Solutions To Your Portfolio?
  • What Is The Value Of Distribution For The Internet Of Things?
  • The Internet of Things (IoT): Where do You Begin?
  • 3 Strategies for Selling Zero Trust in the Channel

Galleries

View all

International Women’s Day & Tech: Move Beyond the Conversation

March 8, 2021

Industry Perspectives

View all

What is FirstNet–and What Are the Benefits for Channel Partners?

March 8, 2021

5 Ways XDR Can Improve Operational Efficiency for MSPs

March 4, 2021

Multi-Cloud: Strategy or Inevitable Outcome? (or both?)

March 3, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 23, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021
  • 1

White Papers

View all

Why Fortinet for my MSSP?

March 2, 2021

Small and Mid-Size Business Security: 4 Steps to Success

March 2, 2021

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul

March 2, 2021

Upcoming Events

View all

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

We celebrate #InternationalWomensDay by highlighting the important conversations and key statistics. @channelsmart… twitter.com/i/web/status/1…

March 9, 2021
ChannelFutures

A UK-based MSP got a lesson in grace when a post intended as a joke was mistaken for online bullying.… twitter.com/i/web/status/1…

March 9, 2021
ChannelFutures

Learn more about #FirstNet and partnering with @GetWirelessLLC. #LTE #firstresponders #connectivity #IoT… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

Have you heard? @McAfee is selling its enterprise security business. And 75-year-old founder #JohnMcAfee faces deca… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

Today we celebrate the achievements of women worldwide, and we are proud to give the rockstar women in the channel… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

The list of #Accellion FTA breach victims keeps growing. Another bank joined the list over the weekend.… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

Happy #InternationalWomensDay! The Channel Futures / @Channel_Online team is proud to support @AllianceofCW and… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

#MSPs can help businesses deal with #cloudcomputing and #cybersecurity pain points, says @Dreamix_Ltd.… twitter.com/i/web/status/1…

March 8, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X