Ransomware – Should I pay?

The “right” answer is no, you shouldn’t pay the ransom. This is similar to the stance the government takes when dealing with hostages. In principle, not paying ransom diffuses the whole process – the bad guys don’t get funded and the effort is for nothing.

Does it ever make sense to pay the ransom?

Consider this – I just read an article by Armor, Ransomware as a Service fuels explosive growth that said the average ransomware demand is about $679. Depending on the size of the company, downtime, and number of employees affected, recovering from a ransomware attack could easily take a day. We need to ask ourselves, does the cost in time, effort, loss of productivity, and possible loss of work for a day exceed the ransom demand? At a low, low price of $679, it may be a no-brainer.

While it is great to take a stand and not let the hackers get away with this, it is ultimately a business decision – one that may make sense.

What if they don’t give you the unlock key?

Depending upon the ransom demand, the decision to give it a try may be relatively simple, but you must decide whether the roll of the dice is worth it.

I’m willing to bet they will give up the key. Why? Because if hackers get a reputation for not producing the key, guess what – nobody is going to pay the ransom demand and the hackers aren’t going to make any money. They want to keep this party going for as long as possible!

In short, you need to make a business decision.  If the dollar figure is small enough, pay the demand, chalk it up to payment for lesson learned, and tighten up the security in your organization. The amount of money required to restore operations and the cost of downtime may easily usurp the dollar figure for the ransom.

Not sure if you have all of the correct security implementations in place? Do you know how Bit Coin works? Do you have a game plan for when it happens? The organization I work for, Peters & Associates, can help you assess your gaps and guide you through establishing a long-term strategy.  Contact us to speak with one of our security solution experts at info@peters.com or 630.832.0075.

By |2019-05-06T09:34:30-05:00February 22nd, 2017|Security Solutions|Comments Off on Ransomware – Should I pay?

About the Author:

With our expert IT team and technology, Peters & Associates provides full-service IT consulting, managed IT services, and IT security solutions in the Chicago area. Our award-winning work and proven successes help drive businesses forward. We solve challenges and build bridges to a better future with secure, scalable IT solutions aligned with your business needs and goals. A full service Chicago IT consulting firm, Peters & Associates has been successfully serving businesses in the Chicago area for over three decades with award-winning managed IT services and IT solutions for business, education, finance, manufacturing, and health care.