Would You Pay Ransomware Demands?

If hackers attacked your computer and locked away your files, would you pay their Ransomware demands? While most of us would be quick to say, “No,” it can be hard to say for sure until you are in that position. But last year, IBM Security released a study showing that 70% of businesses have paid to unlock their files. With so many businesses paying up, it may be tempting to follow suit. But be careful; paying ransomware demands rarely provides the expected results.

What exactly is Ransomware?

Ransomware is unique among cybercrime because in order for the attack to be successful, it requires the victim to become a willing accomplice after the fact.

— James Scott

Ransomware is an increasingly common extortion method that cyber criminals use to rob others. Essentially they install a special type of malware on computers to lock away the files. The computer’s owner then finds a demand for payment on their screen, or their files will be completely unusable. Ransomware will often encrypt all of the files on a system, and later criminals may increase the ransomware demand if they find they have infected a valuable system.

Why Shouldn’t I Pay the Ransomware Demands?

While paying the ransomware demands may seem like the best solution to get your files back, recent research shows otherwise. Symantec’s 2017 Internet Security Threat Report found that only 47% of people who paid the ransom got their files back. This means that paying the ransom only offers about a 50% chance to get your files back. And considering that ransomware demands for businesses are often $10,000 or more, paying the ransom could be an expensive gamble.

Paying Could Make You a Target

In addition to the expenses and low likelihood of getting your files back, businesses that pay may become targets for future attacks. Cyber criminals often keep track of paying victims and sell that information to others. In order to protect yourself from future attacks it is best to be sure to never pay ransomware demands.

What to do about ransomware

You need to prepare your systems for ransomware attacks if you don’t want to pay the demands. Proper backups are an excellent first step in preparation. Make sure backups are thorough and frequent, and be sure to test them regularly. Develop a proper plan for backups in order to make the process go smoother. If you need help with these plans, Astria is ready to assist you in Disaster Recovery planning.

In addition to backups, a good, layered security strategy can minimize what ransomware threats ever make it to your system. Remember that there is no magic bullet solutions and that it is better to have more than one cyber security tool in place. Again, Astria is happy to help you in choosing and installing the best solutions for your business.

If you need to recover from ransomware, you may be able to decrypt your files. Researchers have found ways to break some ransomware and have provided free tools to restore your files. NoMoreRansom.org is an excellent website to check if your system has ransomware installed.

Finally, don’t forget the risks involved if you do decide to pay. Often the dangers of paying are greater than the benefits of a quick fix when you think about paying ransomware demands.