Paying the ransom: do or don’t?

Ransomware attacks are a hot topic nowadays. Although there are fewer of them, the ones still out there are becoming more and more sophisticated and have a bigger impact. Unfortunately, no organization is immune to such attacks, so how to deal with them should be everyone’s concern. One of the main questions that might pop up is: should you pay the ransom when attacked?

‘Ransomware: The True Cost to Business’, a recent global study by Cybereason, examined the current state of ransomware attacks. A diverse group of 1263 cybersecurity professionals was surveyed about this topic. Their concerns, experiences and wishes regarding ransomware gave an idea of how companies deal with it.

The study starts by making clear that ransomware attacks have many business implications. These may be the most commonly known short-term effects, like the disruption of critical business operations or the ransom payment, or the less considered long-term implications: diminished business revenue, brand reputation damage or even closure of the business. This underlines the importance of dealing with ransomware attacks correctly.

So, is it worth it to pay the ransom?

There is no simple answer to this question. Every ransomware attack is in some way unique, so it is important to consider different aspects to see whether payment is the right way to deal with the attack. It might be helpful to look at the risks linked to paying or not paying. For example, when an organization pays the ransom, the risk of not being able to operate is likely to decrease. However, the risk of sensitive data being shared with the world still exists.

Even if the ransom is paid, this doesn’t mean the organization is no longer vulnerable.

Agamenon Pessoa (CTO Kahuna) says: “The impact is much larger than simply having your data encrypted by criminals. As if that wasn’t bad enough, it remains an open question as to how deep the attacker’s foothold is in your organization and what else they are going to do with it.

Paying the ransom is simply, if at all, a temporary fix, and it should be considered as a wake-up call to improve your cyber security posture.”

It is thus strongly recommended to look at the current security landscape in the company to see what can be improved to protect against another ransomware attack. Learn from the attack behind you and protect against the one ahead.

Do you want to improve your cybersecurity posture?

Kahuna is here to help you mitigate the risks of a ransomware attack together with Cybereason, the team of defenders dedicated to ending ransomware attacks. Meet them during our Kahuna Pre-Olympic Sportclinic to discuss this topic while joining a sporty challenge.