Decoding Ransomware Negotiations: Analyzing Phases and Influence Strategies

Authors:

Abstract: Over the past few years, there has been a notable increase in ransomware attacks, impacting organizations and their employees and highlighting the need for new perspectives in understanding these incidents. While contemporary ransomware research has largely focused on technical prevention, cybercriminal psychology, and game theory economics, the negotiation process during these incidents has been relatively neglected. This study, utilizing chat logs from 17 actual ransomware cases, aims to identify the potential phases of a ransomware negotiation and to examine the influence strategies employed by both cybercriminals and victim organizations. It specifically investigates deviations from conventional negotiation processes, with a focus on the strategic use of influence tactics and their impact on negotiation outcomes. The anticipated findings are expected to provide comprehensive insights into the dynamics of ransomware negotiations, thereby enhancing academic understanding and informing practical response strategies.

Track: NEG

Keywords: ransomware negotiations, crisis negotiations, influence strategies, cybersecurity, content analysis