Ransomware – Should I pay?

The “right” answer is no, you shouldn’t pay the ransom. This is similar to the stance the government takes when dealing with hostages. In principle, not paying ransom defuses the whole process – the bad guys don’t get funded and the effort is for nothing.

Does it ever make sense to pay the ransom?

Consider this – I just read an article by Armor, “Ransomware as a Service fuels explosive growth,” that said the average ransomware demand is about $679. Depending on the size of the company, downtime, and number of employees affected, recovering from a ransomware attack could easily take a day. We need to ask ourselves, does the cost in time, effort, loss of productivity, and possible loss of work for a day exceed the ransom demand? At a low, low price of $679, it may be a no-brainer.

While it is great to take a stand and not let the hackers get away with this, it is ultimately a business decision – one that may make sense.

What if they don’t give you the unlock key?

Depending upon the ransom demand, the decision to give it a try may be relatively simple, but you must decide whether the roll of the dice is worth it.

I’m willing to bet they will give up the key. Why? Because if hackers get a reputation for not producing the key, guess what – nobody is going to pay the ransom demand and the hackers aren’t going to make any money. They want to keep this party going for as long as possible!

In short, you need to make a business decision. If the dollar figure is small enough, pay the demand, chalk it up to payment for a lesson learned, and tighten up the security in your organization. The amount of money required to restore operations and the cost of downtime may easily exceed the dollar figure for the ransom.

Not sure if you have all of the correct security implementations in place? Do you know how Bitcoin works? Do you have a game plan for when it happens? The organization I work for, Peters & Associates, can help you assess your gaps and guide you through establishing a long-term strategy. Contact us to speak with one of our security solution experts at info@peters.com or 630.832.0075.

February 22nd, 2017 | Security Solutions

About the Author:

As the Information Security Architect at Peters & Associates, Thomas Johnson (TJ) is responsible for providing security and compliance leadership. This includes such areas as vendor management, disaster recovery, business continuity, data protection, security products, budgeting and risk management. He has over 25 years of experience in security and technology and has extensive compliance-related expertise in banking and healthcare. TJ holds many security-related certifications as well as a Master’s Degree in Information Technology Management with a specialization in Information Security from the Illinois Institute of Technology. TJ focuses on Security Leadership, Risk Management, Information Security Assessments, Compliance Management and DR / BCP.