Is Paying Up Part of a Good Ransomware Protection Plan?

iQuanti: If your business is targeted by ransomware attackers, the effects can be terrifying, if not devastating. There are plenty of options out there for trying to combat the attack, but which is best? 

The answer, unfortunately, isn't a straightforward one. We're breaking down everything you need to know about ransomware protection so that you can make the best decision for your business. Before making a final decision, it's important to consult with law enforcement and IT specialists as necessary to determine the best path. 

What Are Ransomware Attacks? 

Ransomware is malware, also known as malicious software, that can infect your systems and prevent your business from accessing its files. An infection can start with a single click on an infected link, ad, or email attachment. Cybercriminals will then demand that you pay a ransom in order to regain access to your data.

If your network becomes infected with ransomware, it can wreak havoc, and paying the ransom that the attacker demands can seem like the only solution. However, there are other solutions.

Why Would a Company Pay a Ransom? 

There are a few reasons why a business may fork out cash to pay a ransom, but oftentimes, fear is the driving force. It can be scary to wait for a solution to come when a huge threat looms over your business and operations. Other reasons a company may consider paying a ransom include:

  • Time: Paying a ransom may limit the time that you're dealing with the issue. Contracting another service to solve the problem, if it can be solved at all, can take much longer than paying the attacker directly. That assumes, though, that the attacker keeps their word.
  • Preserving Relationships with Customers: If you hesitate to pay a ransom, some attackers resort to reaching out to your customers directly and dangling the threat of holding their information. Additional pressure from customers, paired with the fear of losing those customers, usually means desperate measures.
  • Money: Paying the attacker could cost less than paying a third party to solve the issue. If a company is looking at it purely from an economic standpoint and cutting its losses, it may decide to pay the ransom, hoping that the attacker will hold true to their promise to return access.

Companies That Have Paid the Price

Back in 2021, Colonial Pipeline was hacked, and a large number of its files were encrypted in the process. In an effort to restore business operations, the company paid over $4 million to settle the ransom and decrypt the files. In this case, the company found it necessary to pay the ransom to avoid further business disruption, even against the caution of multiple organizations.

But the reality is that companies have rarely found relief in paying their attackers. According to Sophos' The State of Ransomware 2021, only 8% of businesses were able to recover all of their data, and on average just 65% of data was recovered. 

Is Paying a Ransom Legal? 

The Department of Treasury has said that any company on the receiving or sending end of a ransom payment may face legal repercussions. This is further complicated when the attacker is abroad, as paying a ransom could be looked at as funding terrorism or violating regulations set forth by the Office of Foreign Assets Control.

So, Should You Pay Up? 

Government agencies, including the FBI, do not recommend paying ransomware attackers when they demand you do so. This is because paying the fee empowers the group to continue attacking businesses, and there is no guarantee that the group will return access to your files. They may also still release the data or extort you down the line for extra money because they know you're willing to pay up. Even if a hacker returns access or decrypts the files for you, they still have all of the information in their possession.

If a hacker lies and you pay, not only will you be out thousands or millions of dollars, but the hacker can still ruin your business with the seized data. The FBI recommends reaching out directly to your local FBI office. Before making a decision, it's important to exhaust all of your consultation resources to ensure you're doing what is best for your situation. 

Source: iQuanti, Inc.