1 in 3 security professionals recommend negotiating with cybercriminals for the return of stolen data or the restoration of encrypted files, according to ThreatTrack Security.
While 70% of respondents overall did not support negotiating, 86% of security professionals believed their peers at other organizations have brokered deals with hackers.
The study also found that firsthand experience with cybercrime extortion clearly shaped opinions. Nearly 40% of security professionals said they are employed at an organization that has been targeted by cybercrime extortion, and 55% of them are willing to negotiate.
Stuart Itkin, Senior Vice President at ThreatTrack, said: "Whether data is stolen by APTs or targeted attacks, or lost due to ransomware infection, enterprises need to reevaluate their cybersecurity strategies to incorporate the latest advanced threat defenses and become obsessive about backing up their data. Rapid detection and elimination of threats, and the ability to restore encrypted data, will neutralize the incentives that are driving cybercrime extortion and help ensure security professionals will not have to face this difficult choice."
Security professionals within the healthcare and financial services sectors were least likely to recommend negotiating with cyber-extortionists, with 92% and 80%, respectively, saying "No". 66% are concerned about negative reactions from customers and/or employees whose data was compromised if they learned their organization chose not to negotiate with cybercriminals for its return after a breach was disclosed.
23% said companies should set aside funds for negotiating with cybercriminals who steal, encrypt or threaten to sell their data:
Asked what role the government should play in investigating cybercrime extortion: