July 11, 2019 | Cyber Security, Industry Insights

Ransomware. To Pay Or Not To Pay? That Is The Question.

Share This:
Featured Image

If you haven’t been the victim of a ransomware attack yet, you may be someday soon. According to research by the cybersecurity company, Malwarebytes, six of every ten malware infections during the first quarter of 2017 were attributed to ransomware.1 If and when it happens to you, you will have to decide whether to pay the ransom or not. Here are some things to consider that may help in coming to the right decision for you.

If You Decide To Pay

If you pay the ransom, you may get your data back and your operations can return to normal. You can reduce business interruption, although investigation and remediation of any damage to the system is still necessary.

If you pay the ransom, at least there’s a better chance of getting your data back. But there are a few things to consider. First off, bad guys aren’t known for keeping their word. In recent large-scale attacks, the emails associated with digital currency payments were disabled shortly after the attacks and there was no way for the attackers to track who paid ransom and who did not. In other attacks, hackers simply took the money and never provided the encryption keys. In still others, once a ransom was paid and the attackers provided the encryption key, they returned and attacked again.

Another thing to consider if you decide to pay the ransom is that you will likely need to purchase digital currency to do so. That is not the easiest thing to do when you’re under pressure and have never done it before. Bitcoin is usually the currency requested and can be purchased through an online exchange, but the transaction is not immediate. It can take anywhere from 24 hours to several days to set up an account and process a transaction. For that reason, if you determine that you’re inclined to pay ransom, you may want to purchase some Bitcoin or other digital currency to have on hand to facilitate the transaction. However, be mindful that you will need to have access to the funds should your system become encrypted, so you will want to set up your account and store your currency somewhere separate from the system you wish to protect.

Although the media have reported a few ransomware cases with demands that range from tens of thousands to millions of dollars, the average demand in 2016 was $679.2 If you plan to purchase digital currency to have on hand in case of a ransomware event, purchasing between $300 and $1,000 would meet the demands of most attackers.

If You Refuse To Pay

The Federal Bureau of Investigation strongly urges us not to pay ransom.3 Paying ransom fuels the ransomware business, providing incentive for the bad guys to keep on doing it.

The down side of refusing to pay is that you won’t be able to access your data, at least not right away. This is where it’s important to have a forensic investigation to determine what type of ransomware was deployed. If you know the type of malware, the chances of resolving the issue are much higher. In many cases, security companies publish free encryption keys that unlock particular ransomware.

Yet, if you are diligent about back ups—backing up to the cloud and to a removable device—you may be just fine. The most inconvenience and expense attached to the attack may be the time spent installing your backup.

An Ounce of Prevention Is Worth More Than Paying Up In Bitcoin

There are two simple things you can do now to reduce your chances of becoming a victim of a ransomware attack. First, make sure your data is backed up both to the cloud and to a removable device, like a flash drive or removable hard drive. Ensure the data are backed up and make sure that when the back up is done that the removable device is disconnected. More sophisticated ransomware attacks encrypt the computer, the network, cloud files and devices attached.

Second, install security updates to your operating system, software and devices. If you keep on getting messages flashing at you to “install updates,” do it. The most recent ransomware attacks that caused the most damage worldwide exploited the fact that companies and individuals did not take the time to install security updates even though they were free and available.

 

Contains copyright material with permission from The Hartford Steam Boiler Inspection and Insurance Company.

 

——————

1 Malwarebytes, “Cybercrime Tactics and Techniques, Q1 2017.” (https://www.malwarebytes.com/pdf/labs/Cybercrime-Tactics-and-Techniques-Q1-2017.pdf)

2 Symantec, “An ISTR Special Report: Ransomware and Business 2016,” (https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/ISTR2016_Ransom ware_and_Businesses.pdf)

3 FBI Public Service Announcement, “Ransomware Victims Urged to Report Infections to Federal Law Enforcement,” September 15, 2016. (https://www.ic3.gov/media/2016/160915.aspx)

Share This:

Related


2024 NCBFAA Scholarship & Application Announcement

Roanoke Insurance Group is delighted to once again sponsor  a $5,000 scholarship to students intending to join the trade industry. The National Customs Broker and Forwarder Association of America (NCBFAA) offers this $5,000 scholarship award yearly and will be presented to the winner at the NCBFAA annual conference in April 2024. The topic for this year’s scholarship will be “What are the key steps an organization should take to ensure that training, auditing, and engagement with a licensed customs broker and the sharing of industry information are effectively relayed to all employees, as well as properly documented to substantiate compliance […]

Events, Industry Insights

How to Protect Your Company from Nuclear Bodily Injury Verdicts

The liability landscape for the trade and transportation industry is changing. Carrier accidents on the road resulting in bodily injury and property damage (BIPD) claims pose a real financial threat to brokers, forwarders, and other transportation intermediaries. Recently, the number of large trucks involved in fatal crashes and the resulting jury awards have skyrocketed. Inconsistent application of the law has put the burden of these “nuclear verdicts” on not just the carriers but also the broker-forwarders responsible for hiring the carriers. This volatile litigation landscape and the rise in “nuclear verdicts” has specifically led to two related issues for transportation […]

Industry Insights

Informed and Motivated Employees Are Your First Line of Defense Against Cybercrime

While cyberattacks caused by sophisticated cybercriminals and the advent of artificial intelligence (AI) make headline news, human error continues to drive most cyber events. According to Harvard Business Review (HBR), more than 80% of cyber incidents are attributed to end-user error. The worldwide cost of cybercrime was estimated at $10 trillion in 2023 and is expected to more than double in the next four years. In addition, in a 2022 study by Stanford University, 90% of ransomware attacks originated through phishing emails to employees, according to an article by Maria Long, Vice President, Cyber Underwriter & Risk Management Portfolio Leader […]

Cyber Security

Roanoke is the leading provider of insurance and surety solutions for transportation and logistics providers. In fact, we are recognized as the most reliable source for U.S. customs bonds.

Contact

If you have any questions or need help, feel free to contact with our team.

800-762-6653

US CORPORATE HEADQUARTERS

1501 E. Woodfield Road

Suite 400W

Schaumburg, IL 60173


CANADA CORPORATE HEADQUARTERS

390 Bay Street

Munich Re Centre, 22nd Floor

Toronto, ON M5H 2Y2

Solutions that Go the Distance.

© 2024 Roanoke Insurance Group Inc.

Better Business Bureau logoCoverholder at Lloyd's logo