When we're talking about these types of situations on my team, we're talking about threat actor communications rather than negotiations, because there is so much more that goes into what we do other than just making a payment,
In addition to the debate over a total payment ban, there's also some controversy surrounding negotiators themselves, and whether they should be regulated.
As GRIT has watched ransomware gangs use 'more coercive tactics' to put pressure on victims to pay - this includes releasing sensitive data and even contacting companies' customers and business partners - law enforcement is also turning up the heat via coordinated takedown efforts.
Collection
[
|
...
]