Negotiating with infrastructure cyberterrorists
In ransomware cyberattacks, hackers steal a victim’s sensitive data and threaten to publish or block access to it unless a ransom is paid. Across the globe each year, millions of ransomware attacks are carried out on businesses, cities, and organizations, costing billions of dollars total in payments and damages. Many technologies can thwart such cyberattacks, but MIT Computer Science and Artificial Laboratory (CSAIL) and Department of Urban Studies and Planning (DUSP) researchers believe there’s more to solving the issue than deploying the latest software. Based on business negotiation strategies, the researchers designed a “cyber negotiation” framework, published recently in the Journal of Cyber Policy, that details a step-by-step process for what to do before, during, and after an attack. Lead author and CSAIL and DUSP researcher Gregory Falco, who founded the critical-infrastructure cybersecurity startup NeuroMesh, spoke to MIT News about the plan. He was joined on the paper by co-authors...