Defining cyber-negotiation strategies: A scoping review

• In Event: Contemporary issues in cybercrime

Abstract

Cybercriminal groups have become increasingly specialized in targeting public and private companies, critical infrastructure, and government agencies, where operational disruptions can have significant market and societal repercussions. In particular, ransomware attacks have emerged as a predominant threat, demanding ransom payments in exchange for the release of encrypted data.
In these situations, a cyber-negotiation phase often takes place, enabling direct communication between victims and attackers through various channels. Despite its growing relevance, cyber-negotiation remains underexplored in academic literature, particularly due to its heavy reliance on social engineering tactics (MacColl et al., 2023; Matthijsse et al., 2023).
This research aims to conduct a scoping review to examine the current state of knowledge on this topic, with a focus on existing definitions, negotiation strategies, and the key challenges involved. To achieve this, a systematic literature review was performed across five major databases (Web of Science, PubMed, Sage, Scopus, and Google Scholar), ensuring rigorous data collection. The PRISMA-ScR checklist (Tricco et al., 2018) was followed to maintain methodological rigor.
The findings present the components of cyber-negotiation, the strategies employed by perpetrators and victims, and the challenges and issues raised by this practice. This analysis provides a deeper understanding of the cyber-negotiation ecosystem, highlighting the key actors involved as well as the complexity of direct exchanges with cyber-criminals.

Authors

• Mary-Lou Barraud, Université de Lausanne

• Stefano Caneppele, University of Lausanne