The Dilemma: Should You Pay Ransomware or Not?
In recent months, ransomware has been a hot topic in the United States. Ransomware, a type of malware, attacks your computer and encrypts it. Then, it demands payment for the files.
Hackers offer individuals and organizations the option to pay the ransom and receive the key to decrypt your data or lose it all forever.
As businesses increasingly rely on technology to perform their day-to-day operations, new attack surfaces emerge that lack protection.
Cybersecurity Ventures expects that a ransomwarattacksck will affect a business every 11 seconds until 2021.
One FBI report stated that ransom payments totaled $1 billion each year.
Do You Have to Pay Ransomware
The FBI’s official statement on ransomware advises victims not to pay the ransom. It is not possible to guarantee that hackers will recover your data. It could also make your business a target if it is perceived as not prepared to deal with cyber attacks or willing to pay the ransom.
Some trends indicate that it may be cheaper to pay ransom occasionally.
Baltimore, for example, was infected by ransomware in May that prevented access to government systems and data. They refused to pay the $76,000 Bitcoin demand of the hacker.
Nearly two months later, the city continues to try and restore its files and secure its systems. Baltimore’s budget office estimates the attack will cost at least $18.2 million–a combination of lost revenue and direct costs to restore systems.
In this instance, the cost of recovery is much higher than the ransom.
One report by Tom Pace, vice-president of Blackberry-Cylance security firm, stated that many companies cannot afford to pay the ransom.
Pace describes instances in which his clients are threatened. He says, “Wouldn’t it be a shame? If we leaked all your internal data regarding your clients and customers?” This sounds like a lawsuit in progress.
They are extorting them in 2 ways. They extort them by encrypting all their files. They threaten to release data as well.” Pace said.
The number of hackers refusing to restore data after being paid is also declining. Hackers must have the confidence that businesses will get their data back after they pay.
Is it better to call a hacker’s fool or prepare for disaster recovery?
What’s the best thing to do if ransomware has taken over your computer?
The ultimate business decision is to decide if your company can take the hit.
It all depends on your company’s specific characteristics, the attack, and the risk. These variables can change at any moment.
Regardless of the numerous variables, there is one option: pay the ransom or refuse to accept the breach.
Security hygiene is the solution to this problem. There are many preventative measures that every company and individual can take. The most important is to make sure your company regularly backs up its data. A regular backup and cloud security is a must to reduce the potential for a breach.
If ransomware has infected your computer, you should not decide to pay or not. If a company is breached, the best thing for them to do is to seek consult from cyber security professionals who can accurately assess the severity of the threat?
Companies are not afraid to pay ransoms to hacks that they don’t consider to be high-risk because they have misunderstood the danger.
Cyber security experts can help you assess your risk and recover from an attack. They also work with you to develop protocols to prevent future attacks. Cyber security insurance may also cover online extortion. If your company is at high risk for cyber attacks you can look into the cost, coverage, and whether your company needs it here.
Prevention is the best form of medicine
We recommend these tactics to combat this threat.
- Antivirus is almost dead. Next-gen endpoint security is recommended. It provides visibility for a time and protects your endpoints.
- To streamline response to possible incidents, use tools that integrate with security and event management software (SIEM).
- Get to know what you are expecting. To ensure that your systems comply with standards, experts should periodically inspect them.