I am firmly of the opinion that paying ransom, for ransomware, is a bad idea. It funds crime (and likely terrorism), increases the danger for you and everyone else (by increasing the incentive for blackhats to develop and release ransomware), sometimes you can get your data back anyway, and many times you pay the ransom and don't get your data back.
(What do I recommend for dealing with ransomware? Make a backup.)
But at a recent conference, some lawyers were advising people to consider paying.
(Well, yeah, I mean, lawyers ...)
@rslade wrote: I am firmly of the opinion that paying ransom, for ransomware, is a bad idea. It funds crime (and likely terrorism), increases the danger for you and everyone else (by increasing the incentive for blackhats to develop and release ransomware), sometimes you can get your data back anyway, and many times you pay the ransom and don't get your data back.
Alas, probably the only people who really appreciate these words are those who take the risks seriously --- including those of us in IT Security.
Entities that haven't taken measures to ensure that their data is secured / backed up are likely to just pay the ransom and 'Hope for the best, since they never prepared for the worst.'
We can see this at both corporate and personal levels...
Organizations might opt to risk paying a ransom rather than face the business impact or legal consequences of a data loss. (All hail the lawyers!)
Individuals who are heavily dependent on their data & unwilling to be slandered for negligence may prefer to pay a ransom & hang on to their pride. (No lawyers needed here.)