Cybersecurity Insight

Is Paying the Ransom in a Ransomware Attack the Right Move?

19 Feb

There has been some debate recently about what to do if you are attacked with ransomware. Ransomware is a form of cyber attack that loads malware into computer systems that encrypts the files. The only way to break the encryption is with a “key”. The only way the key can be obtained is to pay a sum of money, or ransom.

Those that perpetrate ransomware often threaten that if the ransom is not paid within a certain timeframe all the files we be deleted permanently.

For many businesses or other entities losing all of their files would be debilitating, causing many to fold up shop. For them the only recourse is to simply pay the ransom. This brings up another problem though.

If you pay the ransom, what is stopping another attacker from exploiting you, especially now that they now you’ll pay up when asked?

In 2015 a Swiss-based company called ProtonMail was the victim of a ransomware attack. What did they do? They paid the ransom. What happened next? Another attack.

ProtonMail stated they made a mistake paying the first ransom and put out a statement saying they would never pay another ransom to future attackers – “it was clearly the wrong decision,” they said.

Recently, another organization paid a hefty ransom to release their systems from the grasp of ransomware. Hollywood Presbyterian Medical Center was the victim of ransomware that crippled their systems. The attackers wanted 40 Bitcoins ($17,000) for the decryption key. Just as ProtonMail did, Hollywood Presbyterian paid the ransom.

So far Hollywoord Presbyterian has not reported any additional attacks, but it’s only been a short time since they paid.

Ransomware attacks have become more prevalent in recent years as traditional cyber attacks have become more difficult to perpetrate – although that hasn’t stopped them from occurring, of course.

Thwarting ransomware attacks isn’t as tricky as it might seem though. The best way to guard against a ransomware attack is to keep offline or separate backups of your files and data. If you are the victim of a ransomware attack you can avoid paying the ransom and restore your data using your offline backups.

Of course, having a full suite of defenses against cyber attacks is a great strategy. Focusing on one aspect is sure to open you up to attacks in other areas. Having a full plan of attack – no pun intended – against ransomware and other methods is sure to set you up for success.