Would You Pay a Ransom to Get Your Business’s Data Back?
If your company became a victim of a ransomware attack, would you pay the ransom? Find out why security experts recommend not giving in to hackers’ demands and why many organizations do not heed this advice.
In December 2017, a county government employee fell for a phishing email scam, which resulted in 48 servers being infected with the LockCrypt ransomware. The attack paralyzed many crucial services in Mecklenburg County, North Carolina, because the county’s tax, finance, deed, social services, and other systems were no longer available. The cybercriminals asked for $23,000 (USD) in ransom. Although county government officials were in contact with the hackers, they were undecided about whether to pay the ransom when the deadline arrived. What would you do if your business found itself in this situation? It can be a hard question to answer.
Rationale for Not Paying
Mecklenburg County ultimately decided not to pay the ransom, which is what most security experts recommend. There are several reasons for this recommendation. For starters, if you pay the initial ransom, hackers might ask for more money. That’s what happened to the Kansas Heart Hospital. It paid the ransom, but the cybercriminals only partially restored the hospital’s files and then demanded more money to decrypt the rest. We hear of this more and more.
What is worse, you might pay the ransom but never get your files back. Only 47% of victims who pay the ransom get their files back, according to Symantec’s “2017 Internet Security Threat Report”. Some sophisticated ransomware variants are designed to delete rather than encrypt victims’ files. So, even if you pay the ransom, your files are history. There is no honor among thieves, according to two Talos researchers who discovered one of these variants, which they dubbed Ranscam.
Paying the ransom can also have long-term implications for your business. It may lead to new cyber attacks against your company since the cybercriminals know you will pay to get your data back. They could bank on the chance that your systems or employees are still vulnerable. On a broader scale, the more organizations pay up, the more hackers target them.
What Would You Do?
Whether or not you pay a ransom for your data is a hard decision that hopefully you will never have to make. No matter your decision, a ransomware attack would likely cause other problems for your business. A 2017 Malwarebytes study found that 22% of small and midsized organizations that experienced a ransomware attack had to cease business operations immediately, resulting in downtime and lost revenue. Thus, it is important to do everything you can to protect your business from ransomware. CopperTree can help you develop an effective strategy by proactively having your backups checked at all times, so that you can avoid paying a ransom.