Ransomware Attacks: Paying The Ransom Might Not Always Be A Bad Option

Imagine a situation like this: One day, you as well as your whole company receive a notice of what has always made you dreadful thinking about: all the top-secret business information of the organization has been encrypted and can only be taken back by paying money. You would be pissed because not only the company is now forced to operate in a completely different way, but also you may have to give out money for the person’s wrongdoings. Advisors all give the same old traditional suggestion: “Don't negotiate with terrorists! Never pay the ransom!”

After the sudden attack, the business has ceased to operate normally and the monetary damage for it is piling up minute by minute. As the situation carries on, the whole company is now frantically finding new directions to get the organization back on its feet. Everybody, from executive managers to paid employees, is being put under an extremely stressful condition. Amidst the chaos, as you are the one holding all responsibilities to the organization and its shareholders, you do not have the luxury to give much thought to whether to pay the ransom.

Now, what would happen if that situation is no longer an imagination but has occurred in real life? Baltimore city would be able to answer that question after being under a cyber ransom attack for almost a month. The invasion has a great effect on obstructing every function of the city, from the department of finance to the police department. Not only that, but it also caused the city to lose approximately $18.2 million in the midst of the utterly confused situation. A notice of ransom came during the confusion, requesting the price for the decryption keys would be roughly $76,000 in bitcoin. Notwithstanding, the Baltimore mayor has followed with the traditional advice of not negotiating with the cybercriminal. This decision has been proven to be totally imprudent.

Even though there are already a lot of opposing opinions in paying ransoms, many organizations now consider the negotiation and paying for the decryption key a part of the recovering process, as noted by Forrester. Here are some reasons for that:

• Conventional knowledge wouldn't be helpful in this situation and neither are emotion and platitudes. They will not help you to formulate the best recovery path for your business.
• Recovery is a difficult process even when you have backup data that somehow get through the invasion. Many companies are now only basing their recovering on existing knowledge about what has been backed up or miscalculating the scope of the damage they must be prepared for after the attack.

However, the guidance of Forrester will not act as a definite suggestion on the decision to settle with the ransom or not, but only to take ransom paying as a valid recovering method amongst others in an effort to make sure you are doing what is best for your business.