So, why is this a problem?
Both of the above attacks threatened the delivery of fuel and food. Wouldn’t paying the ransom make sense to restore those supplies? Not exactly. There are 3 problems with this tactic:
- Paying the criminal just encourages more attacks
- There is no guarantee that the decryption tool you receive will work to restore your data
- There is no guarantee that the hackers won’t release the data they have stolen into the wild anyway
A study by Cybereason found that 46% of those who paid the ransom were not able to recover all their files, and 3% weren’t able to recover any at all. Max Eddy of PCMag wrote that Colonial Pipeline “coughed up the cash only to find that the decryption tool they got in exchange worked too slowly to be meaningful. Their $4.4 million ransom bought them nothing, in the end—but it almost certainly funded more ransomware attacks.”
Tips to Avoid Having to Pay Ransom
The reality is that once you have been attacked by ransomware, the damage has already been done. If the hackers stole some of your data before they encrypted it, there’s a good chance it will be leaked in the future. Regardless if you do pay the ransom. So, stop paying ransom and do these four things instead.
- Always backup your data and ensure the copies are kept off site and offline to avoid having those contaminated with ransomware too.
- Use antivirus software to prevent common strains of ransomware from getting into your network.
- Use multifactor authentication everywhere possible to avoid a hacker from stealing a login and installing ransomware on your systems.
- Implement cyber awareness training for all staff so that they recognize phishing emails, and more importantly, don’t accidently download ransomware.
Note, be careful if you’ve been attacked by ransomware and are ready to restore your systems from the backups. Ensure you have done an investigation into how ransomware got into your systems and have cleaned them thoroughly.
As you can see, having to pay ransom really isn’t as useful as protecting yourself from cyber attacks in the first place. QuickProtect offers the protection, guidance, and support you need to protect your business. We provide real-time ransomware protection, off site and offline backups, cyber security user education, and ransomware recovery insurance.