ADVERTISEMENT

“Give me six hours:" negotiator pleads for more time as LockBit pressures CEO at the heart of a supply chain attack

An attack by a notorious cyber gang brought a French data center to a halt. With thousands relying on its servers, the pressure was on to negotiate. An incident responder begged them to hold off. It was the right move, but it had consequences.

ransomware negotiator trying to buy time AMC

Image by Cybernews

Ann-Marie Corvin
Ann-Marie Corvin Senior Journalist
Mar 20, 2026 Updated: 20 March 2026 6 min read
Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Add us as your Preferred Source on Google.
RodrigueLeBayon.png
Incident response leader Rodrigue LeBayon (second left) talking at Don't Call the Police premiere in London.

Buying time

“Should you start a conversation with the attacker, or should you ignore him for now? It’s an important choice."
Rodrigue Le Bayon, computer emergency response team director, Orange Cyberdefense
Everest Under Armour clock
Example of a ransomware timer, taken from the Under Armour attack, launched by the Everest ransomware gang

Transparency and building up trust

ADVERTISEMENT

Has your password leaked?

Enter your password to check if it has leaked. Having a leaked password creates the risk of identity theft, financial damages, and worse!
35,607,543,468
Exposed Passwords
Ad
Protect your personal information from cybercriminals and get 50% off the top-rated password manager
link_title link_title
“He told me he only had two months of cash flow and there was a prospect of 50 employees losing their jobs.”
Rodrigue Le Bayon, computer emergency response team director, Orange Cyberdefense

Violence-as-a-service

The Com, cybercriminals
“Violence-as-a-service” groups like The Con are often hired for drug trafficking, cyberattacks, online fraud, violent extortion, and even murder.

Double extortion and a crisis of confidence

“It’s important to communicate what happened”

“Sometimes I get asked to guarantee that clients will never have issues [with ransomware], and I tell them clearly: ‘Can you guarantee me that you won’t click on suspicious links? That you will use strong enough passwords and change them regularly? No? You can’t! So I’m compelling you to do this."
Joseph Veigas, CEO of French data center, Coaxis.

ADVERTISEMENT