Kurtis Minder, CEO of the American cyber security company GroupSense, has been busy acting as a ransom negotiator in ransomware cases. It started with a client who needed help, and then as the number of cases increased, he refined his ability to negotiate with the criminal gangs on the other side.
Minder says that there has been a professionalization among the criminals, where the most skilled hackers rent out their platform as a "ransomware as a service" service to others who then carry out the crime.
Minder: "You can also buy stolen network access in the criminal market. You do not have to be a real hacker to implement this anymore, if you can handle cryptocurrencies and find Darknet, he explains."
Eastern European actors
How many leagues are there out there?
Minder: "Hard to say, there is a focus on Russian, Eastern European actors. The big names you hear about: REvil, Conti, such gangs. All of them offer "ransomware as a service", which others can license, which contributes to the spread."
What is it about ransoms?
Minder: "It is rarely about less than six digits. $ 100,000 or more, is the lower limit. For companies with well-known brands, not less than 3-4 million dollars. Then it goes up to tens of millions of dollars in ransom requested by the really large listed companies."
Choose to Pay
The US FBI advises against paying to the leagues. There are also those who think that payments should be banned, as a way to remedy the problem. However, Kurtis Minder believes that it will only reduce the number who report cases to the authorities. Most of his customers ultimately choose to give in and pay, a certain amount at least.