Ransomware: To Pay or Not?
Every day in the world of technology news, there is a story about ransomware. It is considered the most problematic cyber-threat. The story might be about a new attack, a newly discovered strain, or advice from industry experts on how to protect yourself from an attack or how to handle one if it happens to you. With ransomware on experts' minds every day, we learn more and more about the risks and ways to protect ourselves. There are a lot of groups and organizations that are providing education, as well as helping victims recover their data without paying the ransom to the criminals. Recent research commissioned by Malwarebytes indicates that 39% of enterprises were hit by ransomware last year and that, of those, 40% paid the attackers in order to retrieve their data. Many antivirus companies say there is little chance of recovery without the keys. The FBI says corporations have a risk decision to make. So what decision should you make?
Not to simplify such a complicated issue, but there are really two ways to look at it. You can make the decision to pay the ransom and directly contribute to the well-being of criminality. In many cases, it’s a purely economic decision, because it’s cheaper to pay up than to lose your data. On the other hand, if you don’t pay up, you lose your data. Occasionally, there is an effective free decrypter available, but most of the time the security industry can’t provide one and your hands are tied. Depending on what data is being ransomed, losing it could put you out of business, so you really have to weigh your options carefully. It may seem more corporately responsible to pay the criminal and ensure the livelihood of your business, not to mention all your employees’ jobs. If organizations stopped paying the ransom, it would force these criminals to pursue other avenues to make a living. Until organizations (and individuals) start protecting their data, ransomware will remain economically viable for these criminals.
It is easy for technology companies to say it is wrong to give in to the demands when a ransomware attack happens. They are usually the ones with the knowledge and resources to protect themselves from this type of attack. Some organizations have real difficulty in resourcing the sort of security that defeats ransomware and have no choice but to pay up after a ransomware incident simply in order to stay in business. Paying the ransom should always be the last resort, but sometimes the only sensible business decision left is to pay the price the attackers are asking. There is no clear-cut decision here on what organizations should do, but one easy decision should be taking steps to protect yourself and your data. You need to back up your data. You shouldn’t have your secure backups routinely or permanently accessible from the network or computers you are backing up. This helps protect against the strong risk that the backups will also be encrypted by the ransomware on your machine.
The internet itself has been a huge gift for criminals, who are now using it not only for ransomware, but also for malware such as trojans, hacking, and all manner of illegal activities on the dark web. There will always be security risks, so your organization needs to have a backup & disaster recovery solution and plan in place. You also need to understand what risks you are willing to take and what risks you have to do everything in your power to protect against. The best advice to give an organization is to not take on the security of your data yourself. Work with a professional, someone with experience in network security. 2W Tech has IT Consultants on staff who specialize in IT & Network Security, as well as Backup & Disaster Recovery solutions, and can work with you to ensure your data and network are protected.