To pay or not to pay – that is the question – and a major one after an organization falls victim to a ransomware attack.
Although it may seem like the easiest solution to what can otherwise become an even bigger problem, paying ransom for a cyberattack will leave you dealing with more issues. So instead, save your money and invest in your company’s cybersecurity.
Paying the ransom is a roll of the dice. You can hope that the cybercriminals extorting your organization will give you the correct decryption key to access your data once you pay the ransom, but the bad actors have no obligation to do as they promised.
Since payments are made through anonymous means, such as cryptocurrency transactions, you may not be able to track any actionable data to help get your money back.
In this way, the cyber criminals win, and your organization’s reputation will take a hit.
All industries are at risk of a ransomware attack, including healthcare, construction, retail, pharmaceuticals, hospitality, education, and the financial sector.
Organizations that choose to pay the ransom, particularly to cyber threats outside of the U.S., run the risk of paying groups and individuals whom the government has imposed sanctions against. This would leave your organization open to legal action.
In a 2020 ruling, The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) and the Financial Crimes Enforcement Network (FinCEN) declared it illegal to pay a ransom in many cases. OFAC’s advisory specifically pointed to sanctions against groups located in countries such as Iran, Russia, North Korea, and Syria.
Making ransomware payments to such entities would violate OFAC sanctions and heighten the risk of cyber terrorists using those payments to fund other attacks, jeopardizing U.S. national security.
The more organizations choose to pay for ransomware attacks, the more sophisticated the extortionist’s techniques become.
Although ransomware attack techniques have remained relatively static over the years, some cybercriminal groups like BlackCat, have begun using complex malware. BlackCat surfaced in 2021, offering its expert ransomware technology to any bad actors who wished to leverage it.
As companies cannot guarantee that they will not be targets of a ransomware attack, they should create proactive security awareness plans to minimize threats.
Ways your company can protect its data are:
By implementing a proactive security strategy, your organization is better prepared to deflect any cyberattack attempts, keeping your data secure and out of the wrong hands.