Hackers run amok, but fewer corporate victims are paying up as ‘dealmakers’ strive to outwit criminals: report

5 2 minutes read

Corporate America is facing a digital onslaught, but the criminals aren’t profiting as much as they used to, a recent report suggests.

Ransomware attacks are on the rise, leading to a surge in demand for cyber ransom negotiators who engage with hackers and buy time, as reported by the Financial Times. However, fewer companies are actually giving in to the demands.

With the increase in cyber threats, businesses are in urgent need of tech-savvy negotiators who can outsmart online extortionists. These negotiators prolong discussions and extract information from attackers, all while aiming to minimize or eliminate ransom payments altogether.

These tactics seem to be effective. According to a report from cybersecurity company Sophos, less than half of global companies affected by ransomware in 2025 ended up paying, down from 56% the previous year.

Less than half of global companies hit by ransomware in 2025 ended up paying, down from 56% the year before. Syda Productions – stock.adobe.com

Negotiations with anonymous hackers resemble a high-stakes game of chess. Negotiators often pretend to be uninformed IT employees and drag out conversations. These discussions can last from days to weeks, unfolding in the dark corners of the internet, encrypted emails, and specialized chat platforms, according to the FT.

The cyber criminals are often far from being criminal masterminds. The report indicates that many of them are surprisingly young, sometimes teenagers, known for their crude language and unpredictable behavior that can complicate negotiations.

“I joke that in my mind’s eye these are neck-bearded basement dwellers. But the truth is … a lot are very young teenagers or maybe in their early twenties,” Don Wyper of cyber firm DigitalMint shared with the FT.

British retailers Marks and Spencer and Harrods fell victim to hackers last year. Automaker Jaguar Land Rover reportedly suffered losses of around $344 million.

Hackers typically demand ransoms equivalent to 1 to 2% of a company’s revenue, but that is usually just the starting point. Negotiators can lower the amount while discreetly tracing crypto wallets and digital footprints.

A Digitalmint Cyber booth with a sign for incident response, cyber extortion mitigation, negotiations, and readiness and resilience. — Cyber firm DigitalMint helps thwart hacker attacks. Linkedin/DigitalMint

Many of these cyber intermediaries have backgrounds in law enforcement or finance, bringing their negotiation skills from the real world into the digital realm.

For those who do decide to pay, the funds are usually transferred in cryptocurrency like Bitcoin, often through specialized payment services. However, even if an agreement is reached, nothing is certain, and organizations must consider legal implications, such as the possibility of violating sanctions or funding criminal activities.

“There is always the risk of them not adhering to the terms of the agreement and they are not bound by the same legal terms and potential for civil or regulatory penalties that a regular organization would be,” Mark Lance of cyber security adviser GuidePoint Security explained to the FT.