))
Digital Asset Redemption's Steve Baer on Why Half of Ransomware Victims Shouldn't Pay
Manage episode 488359348 series 3505151
Content provided by Team Cymru. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Team Cymru or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Most organizations approach ransomware as a technical problem, but Steve Baer, Field CISO at Digital Asset Redemption, has built his career understanding it as fundamentally human. His team's approach highlights why traditional cybersecurity tools fall short against motivated human adversaries and how proactive intelligence gathering can prevent incidents before they occur.
Steve's insights from the ransomware negotiation business challenge conventional wisdom about cyber extortion. Professional negotiators consistently achieve 73-75% reductions in ransom demands through skilled human interaction, while many victims discover their "stolen" data is actually worthless historical information that adversaries misrepresent as current breaches. Digital Asset Redemption's unique position allows them to purchase stolen organizational data on dark markets before public disclosure, effectively preventing incidents rather than merely responding to them.
Topics discussed:
- Building human intelligence networks with speakers of different languages who maintain authentic personas and relationships within dark web adversarial communities.
- Professional ransomware negotiation techniques that achieve consistent 73-75% reductions in extortion demands through skilled human interaction rather than automated responses.
- The reality that less than half of ransomware victims require payment, as many attacks involve worthless historical data misrepresented as current breaches.
- Proactive data acquisition strategies that purchase stolen organizational information on dark markets before public disclosure to prevent incident escalation.
- Why AI serves as a useful tool for maintaining context and personas but cannot replace human intelligence when countering human adversaries.
Key Takeaways:
- Investigate data value before paying ransoms — many attacks involve worthless historical information that adversaries misrepresent as current breaches.
- Engage professional negotiators rather than attempting DIY ransomware negotiations, as specialized expertise consistently achieves 73-75% reductions in demands.
- Build relationships within the cybersecurity community since the industry remains small and professionals freely share valuable threat intelligence.
- Deploy human intelligence networks with diverse language capabilities to gather authentic threat intelligence from adversarial communities.
- Assess AI implementation as a useful tool for maintaining context and personas while recognizing human adversaries require human intelligence to counter.
Listen to more episodes:
90 episodes
Share
