Resources

Kurtis Minder, #GroupSense CEO, speaks to Bloomberg about ransomware and ransomware negotiations  at 41:52. 

At GroupSense, there’s such a demand for ransomware remediation services they’ve added a hotline that’s featured prominently on the frontpage of their website. No one escapes this form of cyberthreat, Minder told Insider.

Kurtis Minder has some advice about how to negotiate with criminals who extort millions of dollars by crippling companies’ computer systems and stealing their data: Don’t call them “bad guys.”

A few days after Thanksgiving last year, Kurtis Minder got a message from a man whose small construction-engineering firm in upstate New York had been hacked. Minder and his security company, GroupSense, got calls and e-mails like this all the time now, many of them tinged with panic. An employee at a brewery, or a printshop, or a Web-design company would show up for work one morning and find all the computer files locked and a ransom note demanding a cryptocurrency payment to release them.

Ransomware attacks that lock up a victim's systems have become more common. So have people who negotiate with the hackers on behalf of the victims. Kurtis Minder, co-founder of the cyber reconnaissance startup GroupSense, discusses what those negotiations are like, and cybersecurity reporter David Uberti discusses how this approach is viewed within the cyber community. Christopher Zinsli hosts...

Kurtis Minder got into the ransomware negotiation business by accident early last year.

“Industrywide, there is a lack of attention to some of the common things that cause breaches and open companies up to ransomware,” Maley says. “We’re becoming immune to these types of things, as they happen more frequently. We’re seeing the same things across sectors. It’s a lack of attention to the basics.”

Join this month's episode of The (Security) Balancing Act as Diana Kelley and guests discuss why ransomware is surging again, which sectors are most at risk, the threat to enterprises and how it is being used for more than just ransom (ex: distractionware, destructionware, etc).
- The rise in ransomware under the cloak of the pandemic
- Why email continues to be the channel of choice
- The difference between fully automated and human-operated campaigns
- How to decide whether or not to pay or not to pay the ransom
- Why your backups may not be immune to ransomware
- Addressing the threat with best practices

Speakers
- Nicole Hoffman, Intelligence Analyst, GroupSense
- Courtney Radke, CISO for National Retail, Fortinet
- Patrick Lee, Senior Incident Response Consultant, Rapid7

Imagine, for a moment, that you own a small business -- say, a regional dairy farm producing milk, ice cream, yogurt, and other products. And, like so many companies in the food manufacturing sector, you get hit by ransomware. You can’t access any of the data you need to run your business -- so you don’t know which products to ship, where to ship them, what prices you’ve negotiated, who’s paid and who hasn’t… everything is locked up. And, the clock is ticking -- you can’t tolerate extended downtime or products will spoil and customers will defect to other vendors.

As ransomware attacks continue to surge across the globe, the demand for negotiation services has also increased -- and been hard to fill.