Negotiating ransom with hackers: ‘They act nice, so do I’

Dentist organization Colosseum Dental paid a ransom of about 2 million euros to end a cyber attack. Sounds intense, but it is increasingly common for companies to tack. Also see Rob Mellegers of the Eindhoven company Cyber4Z. He regularly negotiates with hackers. “Unfortunately, it is a growth market.”

Written by

Sven de Laet

Mellegers does not know exactly who he is talking to. But the fact is that he regularly has conversations with hackers who are out for ransom. “Companies approach us when they are attacked. How do they know that they have been hacked? You soon notice that you can no longer use programs. And sometimes the criminals also roll a letter out of the printer saying that you have been hacked.”

At such a moment, Mellegers and his colleagues spring into action. That communication often runs smoothly. “You will be sent a link, which will take you to a secure portal. Sometimes you can just talk to each other, as if through a kind of crypto telephone.”

Mellegers’ task is clear. “Make agreements with the hackers on behalf of the hacked company. Sometimes there is room for negotiation, sometimes not. They are very open about that. Those criminals also know exactly what they can ask of you. turnover, so they can also estimate whether haggling is really necessary.”

“It is also best to make agreements with the hackers.”

But isn’t it strange to chat with such a hacker? “Somehow, because you know that they have done something that is not right. But I am mainly busy limiting the damage for my client. The conversations are often very friendly. They are nice to me, I to them. It is best to make agreements, for example about paying in installments, so that you know that they actually return data.”

Because that’s the risk: will the hackers give that data back? “It is of course possible that they sell the data on or make it public. But in general it is much more useful for them to be reliable. If they do not deliver once, everyone will know immediately. Then it will also benefit the next hacked company. no point in paying.”

“You are never completely safe.”

That payment is happening more and more often. “Also because the measures at companies are getting better and better. Hackers are therefore able to steal less data, which means that it also involves smaller amounts.” And while ransom transfers are strongly discouraged, Mellegers can imagine it. “Such a company is the only one able to assess the impact, damage and consequences if that data ends up on the street.”

Incidentally, it is not the case that companies transfer the ransom quickly to avoid negative publicity. “The moment you are hacked, you are simply obliged to report it to the Dutch Data Protection Authority. If you don’t, you are punishable.”

It doesn’t look like Mellegers’ agenda is getting emptier any time soon. “Unfortunately, hacking is a growth market. Am I not doing my job properly? Well, you are never completely safe. You can guard your house with cameras, surveillance, keys. But then someone dressed as a postman comes to your door and picks up a gun. What are you going to do then? It is and remains the fault of the hackers themselves.”

ALSO READ:

‘Dentist chain paid more than 2 million euros ransom to hackers’

Ethical hacker Mathijs breaks in daily: ‘Never 100 percent safe’

Dentist organization hacked for days: these companies were also the victims

Waiting for privacy settings…

ttn-32