How to have fun negotiating with a ransomware gang

How to have fun negotiating with a ransomware gang

How to have fun negotiating with a ransomware gang

Can negotiating your firm’s ransomware payment actually be fun?

Well, if it’s a game rather than the real thing then yes!

The inventive bods at the Financial Times have created an imaginative ransomware negotiation simulator which lets you imagine you’re in the hot seat at a hacked company, trying to stop cybercriminals from releasing sensitive data they have stolen from your systems.

EmailSign up to our newsletter
Security news, advice, and tips.

The simulation lets you imagine that you’re a pointy-headed boss at a successful pharmaceutical company in the United States. After a ransomware attack, the company’s day-to-day operations are severely disrupted, meaning that servers are down, products can’t ship, and employees aren’t being paid.


Ransomware game

The game then unfolds via a variety of multiple-choice questions, rather like an old-fashioned “Choose your own adventure” book.

When I played the game I managed to extend the negotiation for a few days longer than the hackers had planned, badgered down the ransom demand to a fraction of what the bad guys had initially demanded, before ultimately deciding not to pay them a penny.

Ransom negotiation

A few hours later, sensitive data about my imaginary company was apparently released on the dark web – but the shareholders were impressed that I refused to pay up.

The FT says that the simulation is based upon interviews with real-life ransomware negotiators, and conversations with security researchers and company executives who have been on the sharp end of an attack.

By my reckoning it’s better to have some experience of negotiation a ransomware payment in the safety of an online game, then having to learn on the job when your company gets hit for real. And if the FT‘s creative exploration of the topic helps more business people understand the seriousness of ransomware, then that has to be a good thing.

Now go on, try the game for yourself.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.

Follow him on Twitter at @gcluley, or drop him an email.

Leave a Reply

Your email address will not be published. Required fields are marked *