November 25, 2020

Should The Organizations Pay Ransom Following A Ransomware Attack?

Businesses and organizations are pretty much terrified by the recent surge in ransomware attacks. These malware attacks have crippled organizations of all kinds throughout the world. While some brands have lost their brand reputation and brand value, others are still fighting the odds out of the compromised services and hit share price.

How Are Ransomware Attacks Bane For The Organizations?

Ransomware attacks or malware attacks are caused by malicious threat actors (hackers with ill intentions) who breach the security of the companies to extract valuable data from the databases. What do they do with the data? These hackers demand a hefty ransom from the company authorities and promise to keep their data safe until they pay the ransom. When the ransom is paid out, ideally the hackers would decrypt the compromised system.

If a demanded ransom is not paid out within the provided time frame, the hackers expose all the compromised data to the public via dark web platforms or hacker forums. What people do not sometimes understand is that there is no certainty that on receiving the ransom from the victims, these hackers would not expose these data. But, expecting things would all be sorted out, the companies fulfill the ransom demands of the threat actors.

It has been seen under research that 29% of the victim organizations choose to pay the ransom to the threat actors. Around 70% of the SMEs pay ransom to receive the decrypt key from the hackers which makes it clear that paying a ransom is aggravating the condition of the organizations in all parts of the world and promoting ransomware threat that the hackers are looking forward to.

Should You Pay Ransom?

Here is the big question of whether you or the companies should pay a ransom. We would definitely reveal if you must or must not pay the ransom that the hackers demand and keep on pressing while taking all chances to cripple your businesses. We will discuss specific vital points that would help you understand whether or not to fulfill the demands of the malicious hackers and if yes, then when.

How Can You Pay Ransom Legally?

Well, it depends on the laws applied in the jurisdiction where the victim company operates. For example, the Australian jurisdiction has a law, the Criminal Code Act 1995 (Cth) that offers provisions and could arguably apply to the payment of a ransom. This could show that there was a risk where the expense of the ransom could uplift the crime and the person fulfilling the demands proves to be negligent to the risk.

The cybercriminals utilize the proceeds from the ransom payments for funding their illegal activities, and it could be argued that clearing such a ransom demand means a breach in the act has taken place.

OFAC, on the other hand, suggests that one should report any type of ransomware attacks to law enforcement and request a “license” for clearing the ransom in case you are willing to do so or believe that paying the ransom would help your company come out of the threat. But, at the same time, there are doubts that your request would get disapproval.

Does Paying Ransom Is An Immediate Solution?

The current situation gives us a crystal clear insight into two types of extortion scenario:

  • The cybercriminal actors mention that they have encrypted the data and if the victim wants to retrieve the compromised data, then he has to pay the demanded ransom.
  • The threat actors mention that they already have the victim’s data in their possession, and if the victim refuses to pay out, then they will leak the compromised data on the dark web.

With this comes two immediate questions:

  • If the ransom is paid out, do the threat actors keep their promise and give them the encrypted data?
  • If the ransom is cleared from the victim’s end, will there be no data leakage into the dark web?

If the data is leaked into the darknet, there is a definite provision of brand reputation getting stale. In this case, the only way out is to believe that the attackers will stand more assertive in their promise. So, the immediate solution is to pay the ransom. But whether the attackers would stay rigid in their commitment is not guaranteed.

The situation with the ransomware is likely not to go away anytime soon. Thus, it is better to avoid such kind of business decisions. The best steps to stay away from such harsh incidences is to keep the hackers at bay at the very first step. And to do that, the companies need to adopt adequate security hygiene that includes regular backups and frequent patching. You can also at a regular interval check for any data leaks on the deep web.


Original Article Published on: https://gumroad.com/darkweblink/p/should-the-organizations-pay-ransom-following-a-ransomware-attack