I can say it until I’m blue in the face: don’t pay the ransom, ever. Period. Even if you’re the victim of a ransomware attack, don’t pay the hackers.
In fact, I wrote an article explaining why paying the ransom only leads to more problems for your organization in the long term. (TL;DR: Paying the ransom is a short-sighted strategy that doesn’t guarantee you’ll get your data back and encourages hackers to attack you again). Yet, despite my warnings, some others (including cyber insurance companies) have encouraged companies to pay the ransom, as a quick means to restore operations. Seems like I need to cover the consequences (again), and help victims avoid paying again.
If you don’t believe me, maybe you’ll listen to the FBI, who also says that paying the ransom is a bad idea. As they point out, even if the bad guys do give you a key that actually unlocks your systems (which isn’t guaranteed—criminals not being the most trustworthy of folks), you don’t know what copies of the data exist or who might now have access to it. Your systems may still harbour latent malware or other infections that make you vulnerable to repeated attacks, and since the hackers know you’ll pay up you’re going to get hacked again. Like any business, ransomware hackers love repeat customers. Don’t listen to insurance providers who think they can save
And it helps to think of this as a kind of business model that hackers are using. Don’t get me wrong—ransomware attacks are crimes, 100%. And they should be treated as such. Someone who holds your data hostage is committing a crime just as much as if they’d smashed through your front window and started to rob your business.
But think of how hackers make their money: just like you, they identify their best customers (i.e.: people who pay the ransoms) and then work to garner a greater share of that customer’s wallet. If you pay up, you’re going to get hacked again.
Yes, I can say all that until I’m blue in the face. But I know, despite this, that some of you have already paid the ransom (and might be regretting it). So, if you have already paid, what should you do next?
Simple: avoid paying ransoms again.
The post How Not to Pay a Ransom (Twice) appeared first on Security Boulevard.