2017 may have been the year when ransomware — malicious software that encrypts files and denies users access to them until decryption keys are paid for — rose to global infamy, but this year has also seen a spate of attacks against organizations large and small across almost every sector, from government to healthcare. A ransomware infection puts you in an awkward position, especially when mission-critical systems are concerned. Is it better to resolve the issue quickly by paying?
Before last year’s WannaCry struck victims across the globe, many people weren’t even familiar with the threat. Even now, many victims aren’t sure what to do after they are infected, but one thing’s for certain: you should never cave in and pay the ransom. Nonetheless, the security experts at Malwarebytes claim that almost 40% of victims still elect to pay the ransom.
Here’s why that’s a bigger mistake than they realize.
There’s no guarantee you’ll get your data back
The key to ransomware’s success is the urgency it imposes on its victims. They are given as little as 48 hours to decide if they want to pay to regain access to their business documents or personal files before these are deleted. In a state of desperation, victims will often go against the advice of cybersecurity experts and cave in to the promises of the criminals behind the attack.
Unsurprisingly, purveyors of ransomware are not honest people and there’s a good chance that they will demand additional ransoms after unlocking only a handful of encrypted files to demonstrate their “trustworthiness”. In other cases, the decryption methods are so poorly programmed that they don’t work at all. This year, the Global Ransomware Report carried out by Sentinel One found that only a quarter of companies who paid ransoms actually had all their files unlocked.
You end up funding future malware development
Every ransom paid feeds and encourages this disturbing and ballooning underground industry. Hackers rely on ransoms to fund and advertise evermore effective ransomware on the dark web. In fact, the alarming growth of ransomware-as-a-service (RaaS) has fueled the recruitment of new cybercriminals who make their money by purchasing and deploying plug-and-play malware that requires zero technical expertise.
Worst of all, 73% of companies that elected to pay the ransom were targeted again. And why wouldn’t they be? They showed hackers all over the world they were easy to hack and willing to pay.
There’s often a remedy available
If your business has fallen victim to a ransomware attack, there’s a possibility you can retrieve your data without paying the hackers, even if your backup copies have been encrypted too. Some ransomware, such as last year’s WannaCry, are so poorly built that third parties managed to unlock the decryption keys and provide them to the public.
In other cases, the “ransomware” might be a ruse designed to fool victims who don’t have enough IT experience to know if their files are truly encrypted or if they're just being scared into paying a ransom.
How to avoid ransomware disasters in the first place
The best way to avoid ransomware disasters is to carry out proactive measures. Aside from implementing several types of cybersecurity solutions — such as malware detection and round-the-clock networking monitoring — backup and disaster recovery programs can turn most ransomware infections into a minor inconvenience.
At a minimum, your data backup systems should regularly copy all your mission-critical files to an off-site data center that’s independent of your in-house IT systems. That way, if ransomware makes it past your network security controls, you’ll always have web-accessible backups to fall back on.
Arnet Technologies helps organizations in the Greater Columbus area get more out of technology without the security hassle. Our custom security solutions include VPNs, antivirus, spam protection, dark web-monitoring, patch management, and full backup and disaster-recovery services. Call us today to learn more.