Ransomware-Whether to Pay or Not?

ransomware to pay or not

As the world adapts to navigating their day to day lives with the help of the internet, we tend to share vulnerable information about ourselves mostly without even realizing it. In recent times, hackers have noticed an opportunity and now more than a million businesses are targeted worldwide by Ransomware.

From Albany Airport to NYC-based Monroe college, every commercial entity has been subjected to Ransomware and mostly had to pay up too!

As New York speculates whether paying Ransomware should be regulated or not, let’s talk about what is Ransomware, should you pay or not pay the money demanded by the hacker? and finally, steps to protect your business and its client’s sensitive information from such malware.

What is Ransomware?

“Almost 40% of businesses are attacked by Ransomware in a year” *

As the name suggests Ransomware is a form of malware from crypto-virology that blocks the owner of the software or computer from accessing and controlling the system until the said Ransom is paid to the hackers.

In case your system has been affected by this malware you may:

  • Lose control or access to sensitive data.
  • May be threatened that the data will be made public
  • The files will be subjected to transcoding making it inaccessible to the creators.
  • You may receive a command to provide payment (mostly through cryptocurrency like Bitcoin) without which your data will either be stolen or deleted.

How does Ransomware infect a computer?

“71% of Ransomware Attacks are targeted at Small businesses” **

The most common practice hackers use to infect your computer are:

  • Phishing Emails – these emails that contain attachments which usually is a malware affect your computer when you open the attachment or link sent with the email.
  • Drive-by downloading– is when you visit a website that is infected and downloads a file or any other item from the website, thereby infecting your computer too.
  • Vulnerable web servers – these are used as entry points to gain access to a business network.
  • Mobile-based Ransomware– here a mobile version of Ransomware effects your mobile device. Like in the case of Simple lock that effected over 150,000 android users.
  • Crypto Ransomware – is a variant that spreads through web browsers, social media and web-based instant messaging platforms.

Steps to protect your business from Ransomware

With the steady rise in Ransomware attacks all across the globe, it is highly advisable for your company to take appropriate steps to mitigate the risk and limit the damage. Given the fact that paying and not paying Ransomware will each have its adverse effects let’s talk about steps, you can implement to avoid such issues, to begin with.

  • Apply software patches – software vulnerabilities are what cyberattackers look for. Although this is time-consuming and a lot of work, it is vital for the safety of the company and its data. One of internet’s most notorious ransom attack Wanna Cry made it to billions of dollars and over a million computers primarily because the patches weren’t done fast enough on the systems.
  • Get insured – Cyber insurance provides a safety blanket for most small businesses who may be prone to such attacks. Cyber liability insurance may vary depending on risk factors but will cover the basic expenses like data loss, restoration, extortion, legal fee, and regulatory fines up to a certain extend.
  • Keep your Anti- Virus Up to date– many small organisations either opt for a low budget anti-virus or none. But in protecting your business this is vital. Update your anti-virus software regularly. This will scan your monitor for unwanted files and malware and in some cases makes copies of sensitive data that may be subjected to Ransomware.
  • Use security tools to monitor network traffic – if you have an idea what is the traffic on your network and are there any anomalies, you are a step closer to better protecting the network from Hackers.
  • Filter emails– as one of the most common ways to attack your network, email and filtration of emails should be given priority. If the email ends up in the Spam or goes through content scanning and email filtering system, it is less likely to enter your workforce’s inbox and cause further damage. Educate staff on email best practices and raise awareness on the various types of email attacks and how to detect them. Create simulation environment to periodically test your workforce readiness to detect phishing emails.
  • Create data backup – make sure you are aware of what data is considered sensitive or highly important and what is not. Create a backup accordingly, in case you do happen to be a victim of Ransomware your content is safe and can be recovered in a timely manner. Create a hive of backup plan to ensure that data is backed up in a strategic manner with multiple footprints.
  • Segment networks– most phishing networks commonly attack developers, since they have wider access to multiple systems. Segmentation of network, limiting admin access, and encryption of data, is a necessity so that hackers do not have access to the entire network, thereby unable to encrypt or freeze the entire network and demand higher pay.

Should you pay Ransomware or Not?

An average ransom attack lasts up to a week. In fact, it isn’t even illegal to pay Ransomware, although forced encryption and demand for ransom is a federal offence. The victim will not be held liable for paying in such cases.

Although the USA has an official policy not to negotiate with culprits and giving in to hackers demanding Ransomware. It is widely believed that giving into the hackers’ demand will only encourage them to do this more often. Moreover, there is no guarantee that your data will be safely recovered post a ransom payment or if the attackers won’t target the network again.

Consider the below-given points on whether you should pay or not?

  • Weight the data against the price of the ransom asked- is it worth paying or can you afford to lose the data and not pay into their demand?
  • Are you familiar with cryptocurrency? Most hackers demand Bitcoin, which is not only expensive but hard to understand as well.

Unless you are already an investor, dealing in a cryptocurrency may be a very difficult venture while dealing with ransom hackers.

  • Consider it like a trade deal. While you may feel like a victim, consider whether you should pay the hackers or not as any other business deal, consider your gain or loss and make a decision based on it.
  • Consider the possibility there may not be a decryption key even though you have paid to get your data back.
  • Consider if you can get the decryption of the files through services like no more ransom. “No More Ransom” is a partnership between a group of European law enforcement organisations and McAfee that helps you post a sample of your encrypted file and if they crack the malware type and system you can recover your PC for free and not have to pay.

Overall it is ethically right to not pay since it encourages online attackers to leverage such opportunities more often. But at the same time, it is your data and you have to decide how important is it for you to recover it and is there a way to recover 100% of the data at the price quoted by the hackers. In many cases, hackers often give partial recovery and demand more money for a full recovery.

All of this, however, can be avoided by taking proactive measures to secure your network. Consider consulting a Ransomware specialist like CompCiti to develop and implement a plan to take measures for protection. Invest in ransomware before an attack is likely to be significantly less than what you may end up paying as a ransom when an attack happens. In the event of an attack, you pay a hefty price in form of a ransom (if you are to pay), potential data loss, dent in stakeholders’ confidence, and in some cases even clients due to lack of trust. Remember, it is not a matter of if but when the attack happens. Prepare and protect!


Source : https://www.theguardian.com/technology/2016/aug/03/ransomware-threat-on-the-rise-as-40-of-businesses-attacked

Source : https://www.techtimes.com/articles/245791/20191022/71-of-ransomware-attacks-target-small-businesses-are-you-ready.htm