
Negotiating Cyber Attacks

Keith Stacey

Until recently I thought bad actors referred to daytime television drama. The word is, of course, now used to describe cyber criminals and rogue governments using the internet to damage and infiltrate internet security systems. Recent experiences in Australia with MediSecure and Optus indicate how damaging these hacks are, particularly in terms of reputational damage and customer security.  

 

However, the rising menace of hacking and breaching data security in major companies has created a range of new services such as insurance and prevention services.  

 

A recent article in the 1843 magazine of The Economist by Amanda Chicago Lewis (Secrets of a ransomware negotiator) outlines the work of a ransomware negotiator. The article provides a number of lessons for all negotiators and is worth reading.

 

Words are important: 

 

The negotiator in the article uses the title “threat actor engagement” to describe their work. The use of the word negotiator may signal a willingness to pay money from the outset. Similarly, “engagement” indicates the need to establish a working relationship with hackers. All communication with the hackers is polite and measured, as one group of professionals dealing with another. The negotiator never initiates a discussion about money and waits for the hacker to make the first demand.

 

Keep emotions in check: 

 

Senior company employees are liable to panic and rush the process. Although criminal activity is involved, both parties have a common interest in a successful resolution.  Thinking rationally and avoiding panic is vital to successful outcomes.

 

Use time to your advantage: 

 

Initial communication to the hackers is deliberately from a low-level employee, making enquiries on behalf of their manager. This provides further opportunities for delay as approvals are sought for further actions. It also provides time to investigate the data breach and institute countermeasures to prevent additional breaches.  

 

Two of the questions we love asking in our negotiation consulting engagements are: 

  1. Who benefits more from the passage of time? 
  2. And how could we influence the pace?   

The answers to these questions often change the strategy employed by our clients.

 

Don’t accept things at ‘face value’: 

 

In hostage negotiations, this is called ‘proof of life’ to ensure that the hostage is still alive. With data, the negotiator requests proof of the files obtained to ascertain the extent of the penetration and potential damage. If other companies or sensitive contracts are affected, then it’s important to communicate to them as a priority. 

 

Too often in negotiations we have seen organisations make concessions to satisfy demands and threats the counterpart probably had no authority or intention of following through on. It is critical to test and qualify things the counterparts claim.   

 

Be professional: 

 

The attacks have increased in recent years with $US4 billion of claims made to insurance companies in 2022. It is estimated that of that amount $US1.1 billion was paid to the hackers. As a result, they have established sophisticated organisations. Some have established homepages on the Dark Web to assist victims with resolving their demands. 

 

Rewarding bad behaviour: 

 

There is, of course, the ethical issue that any ransom payment will only lead to more attacks. Many governments are concerned, and there has been some consideration of making these payments illegal. As some have pointed out, if such a ban were in place, exceptions would eventually have to be made - if for instance a hospital were attacked.

 

I’ll never forget asking a CEO of a technology company which of their customers got the best deals. He responded: “the ones who behave the poorest when we are under pressure to close the deal and recognise revenue”… shortly followed by the realisation of why their customers were often behaving badly at deal close.

 

In summary...

 

There is a brave new world where leaders of organisations are being dragged to the negotiating table with organised crime. With a cool head and willingness to follow the negotiating process you would otherwise deploy at any standard commercial negotiation, many of the breaches can be successfully resolved for far less than initial demands (as demonstrated in the article). Actually, once skilled and confident, negotiators become very comfortable negotiating almost any unfamiliar scenario, because negotiation is simply about following process. It’s worth reading the full article, as there are many lessons for us as skilled negotiators.   

 

Happy negotiating!

 

 

 

 

 

 

 
