Earlier this year, GroupSense spoke to Erika Hellerstein, Senior Reporter at Coda, about connecting links between disinformation and ransomware, as well as GroupSense's backstory on how they became ransomware negotiators.
In late 2020, a cancer charity contacted the U.S.-based cybersecurity company, GroupSense, in a panic. One of the world’s largest cybercrime gangs had infiltrated the organization’s computer system and kidnapped its data. An ominously worded message explained that the hackers were willing to restore the nonprofit’s records in exchange for several million dollars.
The digital ambush thrust the charity into uncharted and potentially catastrophic territory. Paying the requested amount was unthinkable for a nonprofit group, and even if it were able to foot the bill, news of the breach trickling out to donors could be devastating. The organization eventually turned to GroupSense, which has carved a niche out of negotiating ransom payments between hackers and victims, for help.
“They were like, the number is so far off the mark that this seems hopeless. We’re doomed,” said Kurtis Minder, the company’s founder and CEO.
The middlemen agreed to step in.
Wrangling with the subterranean world of cyber-hijacking requires some finesse. So, GroupSense created a set of principles to guide their conversations. “Don’t be antagonistic, be polite and treat it like a business transaction,” explained Minder. But this case tested the organization’s patience. “We were so angry,” he recalled. “We were like, ‘You hit a cancer charity. They don’t have any money. You should just unencrypt their files immediately, so they can go back to saving people.” The appeal to the hackers’ better angels was ignored, but the two groups were, eventually, able to settle on a much lower fee than the original demand: $10,000.
The incident provides a glimpse into a dawning era of cyber chaos, where unscrupulous actors are seizing upon the vulnerabilities of our digital world in increasingly brazen and frequent attacks. Some are doing so via ransomware, a form of malicious software that hackers deploy to encrypt victims’ data and then extort them for payment.
From 2019 to 2020 alone, ransomware attacks rose by 62% globally and 152% in North America, according to a report by the cybersecurity firm SonicWall. Hackers have slipped into the electronic networks of schools, hospitals, voting systems, local governments, small businesses, and major food and fuel suppliers, disrupting the lives of millions of everyday people — all as the coronavirus pandemic cements a shift toward an ever-increasing reliance on digital systems.
The data suggests that we have entered a new phase of digital disruption. While nobody can predict what the future will hold, the evolution of disinformation could provide a useful guide. A decade ago, the issue was barely on people’s radar; now, it has become so ubiquitous in political and technological debates that a world without it seems almost unimaginable. Could ransomware follow a similar trajectory?
Kurtis Minder is the CEO and co-founder of GroupSense, a leading provider in Digital Risk solutions. Kurtis built a robust cyber reconnaissance operation protecting some of the largest enterprises and government organizations. Kurtis has been the lead negotiator at GroupSense for ransomware response cases. He has successfully navigated and negotiated some of the largest ransomware, breach, and data extortion cases world-wide. With over 20 years in the information security industry, Kurtis brings a unique blend of technical, sales and executive acumen.