Ransomware is turning into a global menace. The malicious software can encrypt your files, folders or lock your computer and blast an alarming message on your screen demanding payment. Usually, a cyber attacker asks for money in bitcoin because cryptocurrency is more challenging for law enforcement to trace than conventional payment mediums.
Paying a ransomware attacker immediately after an attack is pretty tempting. The stress of losing access to your data or systems can feel overwhelming, especially if it impacts the productivity and reputation of your business. But immediately giving the ransom may not be the best decision for the following reasons:
You May Not Get Your Data Back at All
Regardless of how fast you pay the attacker, you may not get your data back at all because some strains of ransomware like WannaCry can’t track payees. To be specific, online gangs using WannaCry can’t associate payments with victims because the ransomware code is faulty. In addition, many ransomware gangs don’t care about your data — they only care about the money. After receiving payment, some criminals disappear to covert their tracks without sharing a decryption key with the victim.
It Encourages More Attacks
It’s not a coincidence that you see more news reports of ransomware attacks. From hospitals to pipelines to businesses of various sizes, the malware strikes targets with greater frequency because victims willingly pay their attackers. For many cybercriminals, a ransomware attack is a low-risk and high-reward activity.
You May Be Hit Again
Many victims of ransomware realize that only part of their data is available after paying a ransom. Upon questioning their attacker, they’re told that they must pay another installment to access more files. Some businesses end up paying several tranches before getting complete access.
It’s also not uncommon for hackers to target the same businesses a few months later with ransomware attacks. Even if your ransomware defenses are more robust, it doesn’t make you invulnerable to a new threat.
The Ransomware Gang Could Try Double Extortion
The challenges may not end even after you recover your files and folders. Many ransomware gangs specialize in double extortion tactics by exfiltrating your data and threatening to release it unless you pay more money — falling for their initial strategies only encourages them to try more scams.
You May Have Other Options
A ransomware attack doesn’t have to be devastating. You may be able to recover most of your critical data if you create regular backups. Air-gapping your copies is also a good idea. But when accessing backups, please avoid connecting them to infected computers or devices.
You can also use a ransomware protection tool that scans and remediates malicious software threats. Alternatively, get in touch with a cybersecurity team for help. They may have the decryption key that unlocks your files without paying a hacker. An IT specialist could also help you insolate the malware before it spreads to other systems in your organization.
If you’ve exhausted all options and want to try paying the ransom, please contact law enforcement first. Although it’s rare, the authorities can recover ransom payments after an attack.