Hackers are causing chaos, but fewer businesses are giving in as negotiators aim to outsmart the criminals, according to a report.

Ransomware Attacks: A Shifting Landscape for American Businesses

American companies are facing significant digital threats, but it seems that criminals are not reaping the profits they once did, based on a recent report.

Ransomware incidents are affecting businesses worldwide, leading to a rising demand for new types of intermediaries—specifically cyber ransom negotiators who stall hackers through negotiation tactics. However, fewer companies are willing to pay out these ransoms, according to a report from the Financial Times.

In light of an increase in cyberattacks, many firms are keen to recruit tech-savvy negotiators who can outsmart online extortionists. These professionals extend negotiations, trying to gather intelligence from the criminals while aiming to minimize or eliminate the ransoms entirely.

This approach appears effective. By 2025, less than half of all global companies impacted by ransomware are expected to make payments, which is down from 56% the previous year, as reported by cybersecurity firm Sophos.

Engaging in discussions with a hacker can resemble a tense game of chess. Negotiators often pretend to be clueless IT staff, dragging out conversations that can last anywhere from days to weeks. These discussions typically unfold in the darker corners of the internet, involving encrypted emails and specialized chat platforms.

Interestingly, many cybercriminals are not the masterminds one might imagine. Instead, many are surprisingly young—sometimes just teenagers—and can be unpredictable in their behavior, making negotiations feel chaotic.

“In a way, I joke that they’re just basement dwellers, but honestly… many are very young, maybe in their early 20s,” remarked Don Wyper from Digital Mint.

Last year, incidents targeted British retailers like Marks & Spencer and Harrods, while Jaguar Land Rover reportedly faced a staggering loss of approximately $344 million due to a cyber breach.

Typically, hackers demand between 1-2% of a company’s overall revenue as ransom, but that’s merely a starting figure. Negotiators work to drive that number down while carefully tracking cryptocurrency movements and digital traces.

Interestingly, many of these negotiators come with backgrounds in law enforcement or finance, bringing valuable real-world negotiation skills into the digital fray.

When organizations decide to pay, they often do so in cryptocurrencies like Bitcoin, using specialized payment brokers. Yet, even if an agreement is reached, nothing is set in stone. Companies must mull over legal implications, such as whether paying a ransom could breach sanctions or inadvertently fund criminal enterprises.

“There’s always a chance that the terms won’t be honored, and these hackers are not tied to the same legal frameworks or potential penalties as traditional businesses,” cautioned Mark Rance from Guidepoint Security.