Particle Data Platform
The Decibel

Who are the people hacking hackers?

4/16/202622 min

Ransomware attacks have become more prominent in recent years, with major breaches of hospitals, like Toronto’s Hospital for Sick Children in 2022, and companies like Indigo in 2023. In 2025, damages from ransomware attacks were expected to reach US$57-billion dollars worldwide.

Alongside the rise of ransomware attacks came the emergence of a new kind of industry: ransomware negotiators. They communicate with attackers to try to convince them to lower the ransom fee. Today, the Globe’s financial and cybercrime reporter, Alexandra Posadzki, joins us to talk about what it takes to hack the hackers, and what’s at risk in these kinds of engagements.

Questions? Comments? Ideas? Email us at thedecibel@globeandmail.com

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Clips

Hacking Hackers With Psychology
Why Hackers Keep Their Promises
Should We Ever Pay Ransoms?
A Plan To Phase Out Payments
When Negotiators Go Rogue
From Floppies To Crypto Ransoms
Real-World Stakes Of Attacks

Transcript preview

First 90 seconds

  1. Alexandra Posadzki· Guest0:02

    So the first time that Curtis Minder communicated with a threat actor was actually at his first ever tech job at Cencom Internet, which was one of the earliest dial-up internet service providers in central Illinois.

  2. Cheryl Sutherland· Host0:14

    Alexandra Posadski is The Globe's financial and cybercrime reporter, and she's describing a situation that's becoming more common, a hacker in the system.

  3. Alexandra Posadzki· Guest0:24

    Essentially, his boss, who was the systems administrator, had been fired quite hastily, and the president of the company asked Curtis to keep things running until they found someone to replace him. And so he takes on this job, and then he finds something suspicious in the system logs, which is essentially unusual logins from a router in a nearby town. And so he engages with this threat actor, this person who had been logging in from this router, and informed them that he knew that it was his recently fired boss who was lurking in the system, and that if he caught him again, he would report him to the authorities.

  4. Cheryl Sutherland· Host1:02

    In that situation, Curtis learned how to deal with, quote, threat actors, which led him to a new kind of job.

  5. Alexandra Posadzki· Guest1:10

    Curtis Minder's company, uh, GroupSense, essentially engaged with threat actors in a different way, and that is, um, doing what's called threat intelligence. So kind of lurking in the dark web, finding out what threat actors were doing. And it was actually during the COVID pandemic that he engaged

We value your privacy

We use cookies to understand how you use our platform and to improve your experience. Click "Accept All" to consent, or "Decline non-essential" to opt out of non-essential cookies. Read our Privacy Policy.