Last year some analysts predicted that Ransomware was a passing fancy and would start to fade away. Well, I think we can agree they got it wrong. Security is a moving target and it is difficult to guess which new thing will turn into a standard tool for cyber criminals.

With the evolution of the attacks, cyber crooks have also started to steal your data, in addition to locking you out of it. Once it is stolen, they can threaten to publish it online, or worse, sell it to someone else. I say that selling it is worse, because if someone spends money on buying your data, they are then motivated to find a way to make money off their investment.

A successful Ransomware Attack is only detected after the data has been stolen and computers have been encrypted. So then, the big question is: do you pay the Ransom or not? To paraphrase “The Bard”:


To pay, or not to pay. That is the question.

Whether ’tis nobler for the wallet to suffer

The interruption and disaster of outrageous downtime,

Or to take arms against a mass of encrypted file woes

And by refusing to be extorted, end Ransomware.


The thing is, when you are in this sort of situation and your back is against the wall, the question of paying or not becomes hard to answer. You are looking at lots of downtime to restore backups and missing data (assuming your backups were not sabotaged while you were not looking). Also, they may extort you and say they will publish or sell your data if you refuse to pay, which could lead to extra financial woes, fines, or litigation.

Another thing to consider is the Cyber Security Insurance Policy. Some insurance organizations will look at the situation and decide that they will only pay out to cover the Ransom. The reason, of course, boils down to money. If the Ransom is paid, the cost is a certain amount; if it is not paid, then the price would likely be another sum. The insurance enterprise will probably go with the one that will be lower, which makes total sense, because an insurance company always looks at the world in terms of dollars anyway.

Now then, I have been a part of the insurance process for setting up Cyber Insurance and let me just say that these outfits still do not have a clue about how to treat this sort of insurance. However, they are very good at learning from things that cost them money, so you can expect the issue to eventually correct itself.

Further proof that the insurance entities do not understand how to deal with this is the fact that they even authorize paying the Ransom at all. It is very easy to see how this leads to an increase in Ransomware for the future (which makes Cyber Insurance less profitable). The only way you are ever going to see an end to Ransomware is by making it unprofitable in the long run.


