Should You Pay Up If You Get Hit by Ransomware?

Share
  • August 1, 2019

Zephyr_p/Shutterstock

It might be your worst nightmare. You turn on your PC only to discover it’s been hijacked by ransomware that won’t decrypt your files unless you pay up. Should you? What are the pros and cons of paying off cyber-criminals?

It’s a difficult problem, and one with many layers. To access your files, you might need to pay a hefty ransom. And then there’s the issue of cryptocurrency, which is ransomware’s preferred method of payment. Unless you’re already a crypto investor, you might have no idea how to begin the process of getting a Bitcoin account—and the clock is ticking.

And don’t forget—if you pay, there’s a decent chance you won’t be able to reclaim access to your files, anyway. There are also ethical questions about paying off criminals. As any good economist will tell you, any behavior you reward, you’ll invariably get more of.

Taking the High Road

So, what should you do?

“Oh, it’s really simple,” said Raj Samani, chief scientist, and McAfee Fellow. “Don’t pay.”

That’s an easy perspective when they’re not your files being held at virtual gunpoint, but still, it’s probably the right call. There’s a reason the U.S. has an official policy not to negotiate with terrorists, and giving in to ransomware demands does appear to encourage criminals.

The Wanna Cry ransomware.

Paying out “has given rise to Ransomware as a Service,” contends Sean Allan, a cybersecurity consultant who frequently writes about ransomware. In recent years, ransomware has become such a successful and lucrative business that hackers have packaged turnkey ransomware kits. These allow criminals with little (or no) technical experience to launch their own ransomware attacks with ease. And according to Symantec’s 2019 Internet Security Threat Report, there was a 400 percent increase in the number of attacks from 2017 to 2018. Arguably, much of that growth is due to the number of people and organizations that have paid the ransom.

Of course, not all experts take the high road. Todd Weller, chief security officer of Bandura Cyber, had this to say:

Read the remaining 22 paragraphs

Source : Should You Pay Up If You Get Hit by Ransomware?