The SANS Summit Recap

Moving beyond encryption is a huge part of what GroupSense ransomware negotiators do during a ransomware incident. A successful negotiation has many complex elements. The trickiest part of ransomware incidents is usually threat actor engagement. 

GroupSense Director of Intelligence Operations Bryce Webster-Jacobsen and Senior Intelligence Analyst Sean Jones presented at this year's SANS Ransomware Summit. During their session, "Beyond Encryption: Exploring the Tactics Ransomware Operators use During Negotiations and their Impact," Bryce and Sean explore the specifics of what makes threat actor engagement so complex. 

Threat actors use psychological tactics to create fear, uncertainty, and doubt that make victims less confident. Paired with other tactics that play on the ethos of victims, inexperienced negotiators can easily be pulled into the threat actor's trap. During the SANS Ransomware Summit, there were several other enlightening sessions that offered valuable insights into the world of ransomware.

These visual notes provide a unique perspective on the session, offering an overview of the summit's sessions. Other session topics included ransomware after RaaS, analysis of legitimate tools abused by threat actors, and newly observed ransomware tactics. Check out the visual notes created by artist Ashton Rodenhiser from our session below to learn more. 

As we delve deeper into the world of ransomware negotiation, it becomes clear that moving beyond encryption is a crucial aspect of successful negotiations. At GroupSense, our team of expert negotiators understands the intricacies involved in engaging with threat actors. To learn more about the complexities of negotiations, download our comprehensive Ransomware Negotiation Guide. You will gain the knowledge and expertise needed to navigate the psychology of threat actors. Don't fall into the trap set by inexperienced negotiators; equip yourself with the tools to outsmart the threat actors.