The Negotiation of Data and Ransomware

KURTIS MINDER, CEO, GROUPSENSE: Well, I certainly hope this doesn’t become a pervasive profession. I hope — some of Chris’ points, I hope, with some government intervention and some better cybersecurity hygiene, this is a part-time thing and it goes away.

(LAUGHTER)

MINDER: But, as far as how do you train, the negotiation principles for negotiating with hostages, negotiating to buy a car, or negotiating with threat actors are very similar. The difficulty in training what we do is, in most of the other cases, you can read tone, intonation, things like that. In this case, we’re often negotiating over a Dark Web chat site. So we — it’s almost like negotiating over text message, which makes it very difficult to read those things. And those things are important. So, there is a skill to learning the language. And many of these threat actors that we’re dealing with are English as a second language, obviously, so reading through their poorly translated words to find sort of nuances and tone.

GOLODRYGA: Yes. I know your girlfriend has actually been helpful for you in that sense, because she speaks Russian and Romanian and some other Eastern European languages. And she’s taught you — or you refer to a lot of these hackers as grasshoppers or kuznyechiks, right?

(LAUGHTER)

GOLODRYGA: Why do you try to develop a relationship with what most people would just assume are bad guys?

MINDER: Well, you don’t want to go into it calling these folks bad guys. They know what they’re doing is wrong. Everybody’s going to justify their actions in some way. So, just driving toward the desired outcome, which is to reduce the ransom to the most — the smallest amount possible, the best approach is to treat these folks like business associates and the whole process like a business transaction.