Ransomware Infections: Why You Should Never Pay Up

There’s nothing that can send an icy trickle of fear down a company’s figurative spine like the word ‘ransomware.’ Ransomware can bring even the largest corporations to their knees. It already been demonstrated by attacks like those committed against Colonial Pipeline or the DC Police Department. While ransomware attacks are not a new trend, what is changing is how companies deal with them.

While many organization still get their feet under them when it comes to preparing and protecting themselves against the variety of sophisticated attacks employed by hackers, they are being forced on a steep learning curve. Ransomware attacks have become one of the fastest-growing threats in the cybersecurity realm. It’s estimated that a ransomware attack happened every 11 seconds in 2021. With no evidence that these threats will decrease in the coming years, making sure your company is prepared to face a ransomware attack is critical.

How to prepare for and avoid a ransomware attack

With so many organizations falling victim to ransomware attacks, it may feel like the deck is stacked against you. But there are still plenty of ways you can protect yourself from attacks. The first thing you should do is to stay prepared. Having an incident response plan that covers how your organization will monitor, detect, and respond to an attack is your first step to safety. If you don’t have the expertise to prepare for an incident response plan, you can work with a good IT support company to help you draft one.

Your incident response plan should cover backup, recovery, and a company-wide communication plan (as well as an external communication plan, if it’s necessary). It should designate roles for employees and give them detailed instructions on what’s expected of them if you face a ransomware attack.

You should also be providing your employees with tailored cyber security training on an ongoing basis so that they can detect and avoid malicious intent, like phishing emails and infected downloads.

You might also want to practice recovering. See how your incident response and recovery plan plays out by conducting simulations and exercises with your employees and with your software to see how they hold up. The scenarios you create should ideally test the effectiveness of your response and highlight any areas that may require improvement.

What to do if a ransomware attack happens

Even our best-laid plans can go awry, which is why it’s also equally important to be ready for the fact that you might end up being waylaid by a ransomware attack, even if you have planned for it.

If a ransomware attack takes over your systems, you may start questioning what you should do. You may even wonder if you should give it to the hackers’ demands and pay the ransom to get your business back on track. If that’s what you’re considering, here are five reasons you should never pay up.

1. It encourages more attacks.

While it might not matter to you in the heat of the moment, paying up ransom demands ultimately only encourages more hacker groups to commit ransomware attacks and to demand more money. Payment justifies the attack and funds the organizations performing the attacks. This allows hacking groups to fund even more advanced hacking techniques and software. It renders other victims incapable of fighting back.

2. You may not even get your data back.

While the hackers holding your data hostage may promise that your data will be returned to you if you pay the ransom, this might not be the case. The hackers might corrupt the data, release it, or just not give you the decryption app and leave you stranded while they take off with your hard-earned money. Paying a ransom to hackers is equivalent to placing a bet at a slot machine: it’s a gamble, and a dangerous one at that.

3. Even if they give you a decryption app, it might be abysmally slow.

Corporations that have given in to ransom demands learned this lesson the hard way. Even if hackers stay true to their word and provide a decryption app to grant you access to your data again, the app might be so slow that it makes more sense to do it yourself manually.

It’s not in the best interest of hackers to get you your data back quickly, and it really doesn’t benefit them to do so. At that point, they have what they came for: your money.

4. Your company might get sanctioned over it.

This might be a hard pill to swallow, but if you pay the ransom, you may get penalized for it by your government. During the COVID-19 pandemic, the increasing number of cyberattacks prompted the U.S. Treasury to issue a statement warning businesses that they were at risk of sanctions if they paid a ransom to hackers.

While you may wonder why the government would punish businesses for just trying to get their data back, it’s essential to remember that the organizations funding these attacks aren’t just teenagers in their basement or people working out of a coffee shop. Often, these organizations are well-funded fronts for foreign nation-states, terrorist organizations, or other destructive bodies looking to support even darker causes.

5. They might increase the demand.

Even if you pay every penny, the hackers might just return to you with a demand for more money. In a statement about cyberattacks, the FBI discussed the risks of paying, one of them being demands for a bigger ransom from the same victim.

It stands to reason that shady cybercriminals will not have a regular moral compass. So when they realize you’re willing to pay for your data, they have little reason to not increase the demand. All they’re gambling on is getting more out of you, while you risk your financial stability and data.

What does the future hold?

While cyberattacks are becoming more sophisticated, the means to combat them are also becoming bolder. Preparing is the key to facing down your adversaries. If and when they come knocking, you should have a team of trained individuals at your call who can help you choose the best response plan. And always remember to create multiple secure backups of your data to prevent any data loss.