negotiation is fine… a weakness is presuming to know what the perp wants (and many times they don;t know themselves) so engagement is good “The Cuckoo's Egg” is worth the read…
/bill On 22May2014Thursday, at 8:23, Livingood, Jason <[email protected]> wrote: > On 5/22/14, 12:51 AM, "Beleaguered Admin" <[email protected]> > wrote: > >> This has been going on for a long time -- almost every detail is >> exactly the same as what is described here: >> http://techcrunch.com/2014/03/03/meetup-suffering-significant-ddos-attack- >> taking-it-offline-for-days/ >> >> He is in regular communication (via whois info and other collected >> contact data) asking for <$1000 USD sums to stop the attacks. > > That article said that the company didn¹t want to negotiate with > criminals. As an aside I spent some time with a retired hostage negotiator > on Tuesday (which was fascinating BTW). He actually said negotiation is > always useful and sometimes paying a ransom demand can serve as a method > to track where the money goes, to identify all the actors involved for > later action (which may apply in this case). And sometimes financial > demands are dropped as a result of negotiation. > >> Is it worth talking to law enforcement? Some of these have been >500k >> costs to the customer, but we assume the person doing it isn't in any >> western country, so maybe it doesn't even matter? > > You may find the law enforcement more interested in engaging within you > than you might think. > > Jason >
