We live in a world of possibility where nothing can hurt us, and the internet is our magical playground. We think we have all the time in the world to choose the best security solutions for us, integrate them into every inch of our network, and use them to actively seek out threats and mitigate them.
But you do not have all the time in the world. Cyberattacks happen every 39 seconds somewhere in the world. Do you know how many ransomware attacks happen per day? 4000 a day (or one every 11 seconds).
Once you have been attacked by ransomware, you have only two choices: pay the ransom or do not pay the ransom. Your decision at this moment will depend on many different elements.
Can you afford to lose the encrypted data, or can it be restored from back-ups without needing to pay ransom? Can you afford the downtime it will take to recover or restore the data? Do you have millions of dollars to pay a ransom demand? Do you have ransomware insurance? There are so many things to consider in an already stressful time. It is important to develop a strategy for ransomware protection before an attack occurs. Let’s explore the pros and cons of paying ransomware demands, and the importance of forward thinking and planning.
There are several advantages to paying the ransom. If you are working with “trustworthy” criminals, paying the ransom and getting the decryption key reduces disruption to the business and is often cheaper than downtime. If you have cyber-security insurance, that insurance might cover the cost of the attack.
The downside to paying the ransom is that there is simply no way to guarantee that the attackers will give you the decryption key. Even if you get the decryption key, will it work? For example, take the Colonial Pipeline attack earlier this year. They paid the $4.4 million ransom and received a decryption key that was too slow to use – meaning they had to rely on the back-ups and recovery solutions anyway. Paying the ransom might also encourage a second attack from the same group, or from another group that sees you as an easy pay-day. Paying a ransom ensures the profitability of ransomware in the future, and there is no way to ensure the ransom payment does not go to terrorist or human trafficking organizations – making payment both a moral and a legal issue as well.
Please note, you should always consult with an attorney before paying a ransom to a ransomware operator. There are laws in every country dictating which ransoms can and cannot be paid. Paying an illegal ransom might land you in very hot water with your government or the local authorities.
Quite a lot, as it turns out! This is no longer a corner-shop business. CPO magazine headlines read, “Ransomware Recovery Costs More Than Double in a Year, Now Average $1.85 Million,” and we suspect they are being generous.
Mid-attack, there are several things you should focus on when deciding to pay or not pay the ransom.
Just because the attack is over doesn’t mean you can rest easy. After the attack, there are several more things to consider.
No matter the decision you make about payment, there are two critical things you must do in the event of a ransomware attack: you must find and close the vulnerabilities that allowed the attacker to enter your network in the first place, and you must improve the overall cybersecurity in your organization.
The best way to avoid dealing with any of these situations is to prepare yourself and prevent ransomware attacks from happening in the first place using robust ransomware protection. COVID has inspired a boom in different cybersecurity solutions, each with its own specific benefits and shortfalls. For example, if you value machine learning and AI-enabled cyber threat intelligence, focused on the APAC region but with global coverage, you should consider deploying Sangfor’s Cyber Command. Cyber Command does many things to improve your overall IT security and risk posture, including:
The best defence is a great offence. If the thought of a ransomware attack scares you, you must prepare now for the eventuality. In 2021, ransomware has already cost enterprises $20 billion. This is 57 times higher than the cost of ransomware in 2015, just 7 years ago. Take a lesson from the daily cyber-attacks in 2021, and implement ransomware protection for your business today.