Information Security: Should businesses give in to hackers’ ransoms?

What should your business do if it gets hacked? Millions of people have handed over sums of money to try and get their data back, but sometimes to no avail. Is there ever any gain from paying a hacker’s ransom?

© Quazie (CC BY 2.0) Cropped

It should be decided on a case-by-case basis

Each case of cyber extortion is unique. Ilia Kolochenko, CEO at High-Tech Bridge said: “Nowadays distributed denial of service (DDoS) attacks are very common, but whether or not to pay a ransom should be decided on a case-by-case basis.”

“Almost every minute a new DDoS attack targets someone for political, economic or other reasons. Unfortunately, not much can be done to fully prevent large DDoS attacks, as it’s only a question of who will invest more – the company into IT and security infrastructure or the hackers into a botnet.”

Companies have given, and still do give, millions to hackers in the hope of getting their data back.

Paul Burns, national technical director at Technology Services Group, said that the FBI estimated that Cryptolocker acquired $27 million in ransom payments in just the first two months it was operating.

“However, the more we give in to these criminals, the more they’ll do to hold us to ransom,” he said.

“By applying adequate and robust backup routines it should be possible to recover data without resorting to ransom payments.”
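A backup routine is only "robust" if you can prove the copies are intact before you need them; a backup that was itself overwritten by ransomware is no backup at all. The following is an added example, not code from the article or from any of the experts quoted in it. It assumes a hash manifest recorded at backup time and an in-memory, constructed backup set in place of real files; it flags copies that are missing, that no longer match the manifest, and that have the high byte entropy typical of encrypted content.

```python
import hashlib
import math
import random
from collections import Counter


def sha256_hex(data: bytes) -> str:
    """Content hash recorded in the manifest when the backup was taken."""
    return hashlib.sha256(data).hexdigest()


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0..8). Encrypted or compressed data sits near 8;
    plain documents are usually well below 6."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def build_manifest(files: dict) -> dict:
    """Map file name -> SHA-256 at backup time. `files` is {name: bytes}."""
    return {name: sha256_hex(content) for name, content in files.items()}


def verify_backup(manifest: dict, files: dict, entropy_threshold: float = 7.5) -> dict:
    """Compare the current backup copies against the manifest.

    Returns a report with four lists:
      ok         - hash matches the manifest
      missing    - listed in the manifest but no longer present
      modified   - present but the hash differs
      suspicious - modified AND high entropy, i.e. it looks encrypted
    """
    report = {"ok": [], "missing": [], "modified": [], "suspicious": []}
    for name, expected in manifest.items():
        if name not in files:
            report["missing"].append(name)
            continue
        data = files[name]
        if sha256_hex(data) == expected:
            report["ok"].append(name)
            continue
        report["modified"].append(name)
        if shannon_entropy(data) >= entropy_threshold:
            report["suspicious"].append(name)
    return report


def sample_backup_set() -> dict:
    """Constructed backup set standing in for real files on disk (assumption)."""
    return {
        "report.txt": b"Quarterly figures and commentary for the board.\n" * 40,
        "notes.md": b"# Meeting notes\n- follow up with finance\n- renew contract\n" * 20,
        "archive.zip": bytes(range(256)) * 4,  # stand-in for a binary archive
    }


def sample_tampered_set() -> dict:
    """The same set after a constructed ransomware-style event: one file replaced
    with pseudo-random bytes (seeded so the example is deterministic) and one file
    deleted outright."""
    tampered = sample_backup_set()
    tampered["report.txt"] = random.Random(1234).randbytes(4096)
    del tampered["archive.zip"]
    return tampered


if __name__ == "__main__":
    manifest = build_manifest(sample_backup_set())
    for label, current in (("clean copy", sample_backup_set()),
                           ("tampered copy", sample_tampered_set())):
        result = verify_backup(manifest, current)
        print(label, result)
```

Run against the clean copy every file lands in `ok`; against the tampered copy `report.txt` is both `modified` and `suspicious` and `archive.zip` is `missing`. The entropy test is a heuristic: legitimately compressed or encrypted files also score high, so treat `suspicious` as a prompt to inspect and restore from an older, offline copy rather than as proof on its own.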

It can encourage financial fraud if you give in to demands

Guy Bunker, product and cyber security expert at Clearswift cyber security solutions said: “Giving in to the ransom is bad in two ways… Firstly, it encourages more attacks, but more importantly it opens the way to increased financial fraud.”

“This isn’t just the case with DDoS attacks, but also for the systems, including consumer-based, which are targeted and then encrypted with Ransomware such as the latest batch of Cryptolocker attacks.”

Giving in provides an incentive to do it again

“If you pay, you provide motivation for the criminals to do it again,” said Catalin Cosoi, chief security strategist at technology security company Bitdefender.

“It’s usually cheaper to buy more bandwidth and processing power and work with ISPs to do a bit of smart filtering and shaping.”

It also encourages the illegal business model to stay alive, and may spark more attacks from others who have seen that companies are willing to pay.

Paying ransoms could give hackers access to your data

Rory Innes, head of cyber security at Salamanca Group said: “Paying ransoms is a false economy. Once you have paid, there is no guarantee that the hackers are not embedded in your network and accessing your information. The first step should be trying to get rid of the malware in the usual manner – using anti-virus solutions.”

There’s never a guarantee of getting your data back

Once your service has been breached, or the service has been denied to users, paying a ransom is not an easy way out.

Chris Boyd, malware intelligence analyst at Malwarebytes said: “Our advice is to never pay the ransom – you don’t know if the hacker will unlock the files. Most security programs can remove the infections, but little can be done in relation to the encrypted files.”

“Users or organisations should never give in to ransoms as there is no guarantee of getting your data back, let alone it being useable again,” said Amar Mohammed, solutions specialist at Thirdline.

“Hackers don’t care about the emotional effects of what they are doing, their sole purpose is to provide disruption to the system.”
