Kidnappings for ransom have been dramatized on television and in the movies and detailed on the news. Heck, even Julius Caesar was once kidnapped by pirates, held for ransom and even lived to document his tale for the history books.
While the methods are literally as old as ancient history, cyber security experts are now looking to the kidnapping and ransom industry to better understand how to deal with the growing threat of ransomware, which is now a billion dollar a year industry.
Since English isn't the first language of many ransomware attackers, Krone said he relies on in-house foreign language speakers to help negotiate with attackers in their native language — usually through a message board.
"It certainly helps when we can approach them in their own language and they calm down a little bit," he said. "Sometimes they are very nervous and they know they are breaking the law."
Often, it's not just about the price. Krone said having a negotiator work with the attacker helps ensure a business is getting the proper decryption tools to unlock their data. Many times, this requires a good faith fee put up first before the cyber criminal receives the full payment, he said.
"A lot of times, we need up to 20 hours working with the attacker getting the decryption to work," Krone said. "They'll help us because it's in their best interest for it to go smoothly."
And while the cyber attackers are committing crimes, Krone said some of the people he has negotiated with have ulterior motives.
"We are having several attackers approaching us wanting to become good guys and go into security consulting," he said. "While a significant amount are pure criminals, others are funding tech start-ups."