Should you pay ransomware?


By Bill Minahan   |   November 26, 2018

The Dilemma: Should You Pay Ransomware or Not?


Ransomware has made headlines across the U.S. in recent months. Ransomware is a form of malware that attacks your computer, encrypts your data, and then demands payment in exchange for your files.

Hackers give organizations and individuals a choice: pay the ransom and get the key to decrypt your data, or lose it forever.

However, last week at a U.S. Conference, mayors in over 1,400 cities resolved to ban the payment of ransoms to hackers. They argued that payment only gives incentive for this type of illegal behavior to continue.

This resolution happened just a month after half a dozen U.S. cities were hit by ransomware.

In June 2019, three Florida cities fell victim to cyber attacks that have cost them over $1 million. Twenty-one local governments have already reported attacks in the first four months of 2019.

Additionally, there were two massive health care data breaches that exposed the private and financial data of 19.6 million patients.

As businesses increasingly rely on technology to perform their day-to-day operations, new attack surfaces emerge that lack protection.

Cybersecurity Ventures predicts that a business will fall victim to a ransomware attack every 11 seconds by 2021.

According to one report, the FBI estimated that the total amount of ransom payments was approaching $1 billion annually.

Should You Pay Ransomware?

The FBI’s official statement on ransomware advises victims not to pay the ransom. There is no guarantee that the hackers will restore your information. Worse, it could put a target on your back if your business is seen as unprepared to handle cyber attacks and willing to pay the ransom.

Lately, however, some trends suggest that paying the ransom can sometimes be more cost-efficient.

For example, in May, the city of Baltimore was hit by a strain of ransomware that restricted access to government data and systems. The city refused to pay the hacker, who demanded $76,000 worth of Bitcoin.

Almost two months later, the city is still trying to restore their files and secure their systems. Baltimore’s budget office estimates the attack will cost at least $18.2 million—a combination of lost revenue and direct costs to restore systems.

In this case, therefore, the estimated cost of recovery is vastly higher than the ransom.

In one report, Tom Pace, vice president of Blackberry-Cylance, a leading security firm, explained that companies often can’t afford not to pay the ransom.

Pace describes situations where his clients get threats such as “Would it not be a shame if we leaked all of your internal data about your clients and customers? Sounds to us like a large lawsuit waiting to happen.”

“So they’re extorting them in two ways. They’re extorting them by actually encrypting all the files. And then they’re extorting them by threatening to also release the data,” said Pace.

Lastly, the number of hackers who refuse to restore the data even after they’re paid is on the decline. Hackers need businesses to trust they’ll get their data back after paying, or else their attack is futile.

Calling a hacker’s bluff or preparing for disaster recovery?

So, what’s your best option if you’ve been hit by ransomware?

This dilemma is ultimately a business decision: can your company take the hit?

It depends on the specific nature of your company, the attack, and the risk. These are variables that change in every case.

Despite the many variables, the ultimate option remains the same in most cases: either pay the ransom or refuse and accept the breach.

There is a solution to this dilemma: security hygiene. There are preemptive measures every business and individual can take, and the most important is to ensure your company is regularly backing up its data. Ensuring your MSP equips you with cloud security and regular backups makes the impact of a breach far less deadly.

However, if you are struck by ransomware, you shouldn’t make the decision to pay or not pay alone. A company’s best option if breached is to consult cyber security professionals who can accurately determine the extent of the threat.

Unfortunately, it’s not uncommon for companies to pay a large ransom over an attack that was not high risk because they misunderstand the scope of the threat.

Cyber security professionals can help you assess the risk, recover from the attack, and work with you to create protocols to prevent any future ones.

Prevention is the best medicine

There are a few ways we recommend you battle this threat:

  • Traditional antivirus is basically dead. We recommend next-gen endpoint security that provides time period visibility and protection for your endpoints.
  • Use tools that integrate with security information and event management (SIEM) software to streamline responses to potential incidents.
  • Inspect what you expect. Periodically have experts examine your systems to ensure compliance standards are being met.

Don’t do it alone.
Let aNetworks’ Cyber Security experts become an extension of your team.

aNetworks offers a free assessment to evaluate your organization’s current security strengths and weaknesses. It takes 15 minutes. With the assessment, we provide you with a detailed report so you can ensure your systems are secure.
