Pay or Not to Pay a Ransom? Let’s Talk About It!

In the event of a ransomware attack, when your files are locked up, only one question comes to mind: to pay or not to pay? It is one of the most difficult choices. Decline, and you have to get your data back through other means; pay, and whether you actually receive a working key is entirely up to the cybercriminal.

Data is not a human life

From the term ‘ransomware’ alone, it’s impossible not to see the attacks and the hackers who launch them as human hostage-taking scenarios. But these events and the doctrines behind the responses are necessarily different. If for no other reason, the data being held hostage should never be anthropomorphised – data is not a human life.

Despite all the similarities, the data encrypted by ransomware cannot appeal to its captors for aid or freedom. It does not deteriorate as time passes, it cannot make escape attempts on its own, and it does not suffer emotionally or physically in captivity. Moreover, an unlimited number of perfect clones could have been made before the attack. A simple reminder that the data is not a human life should bend the conversation and decision-making just enough.

Ransomware attacks and the associated harm can be massive. But does paying the ransom exacerbate the problem? Do the benefits of paying the ransom accrue only to the individual victim and hackers, and do the damages of paying always harm the collective?

The amount of ransom paid to have data restored versus its replacement cost has become an actuarial exercise and less of a moral dilemma, despite a rising cry for unity among those who believe ransoms should never be paid, in order to dissuade the bad guys from launching further attacks. Visit siliconrepublic to know more.

Cyber insurance’s impact on the decision to pay a ransom

It is likely more companies and municipalities will use their cyber insurance coverage to offset any potential costs related to being hit with ransomware, including paying the ransom, says Judy Selby, an insurance lawyer specializing in assisting firms purchasing cyber coverage.

“If you have the coverage you may as well take advantage of it,” Selby says, although she does not believe having the coverage will lead to victims simply opting to pay because the insurance companies will demand every other method of recovering the data be tried first.

However, as with any policy, putting in a claim is likely to result in higher premiums down the road. Selby says right now pricing is still pretty soft, but she expects to see a bit of tightening in the cyber insurance market as it matures and it becomes easier for insurance actuaries to get a handle on these types of claims.

“We have data on every other industry, but little on cyber,” says Jeffrey Smith, managing partner at Cyber Risk Underwriters, during a presentation at Black Hat in August.

Other factors likely to come into play are insurance companies demanding that their customers put proper cybersecurity measures in place during the underwriting process, and possibly that they turn over control of any ransom negotiation or recovery process to the insurance company and its partners. This could be particularly true in cases where negotiations and haggling with the attacker over the ransom amount take place, Selby says, adding that this will be quite helpful for small businesses and municipalities that do not have the internal resources to deal with the situation. Read more at SC Magazine.

What If You Pay?

You can’t decide whether to pay a ransom demand based on the argument of better angels, though. This is your data we’re talking about. So, consider, if you do choose to pay, there’s no guarantee you’ll get your files back, anyway. Experts disagree on the odds of recovery, but there’s a fair chance you’ll pay and either not receive the decryption key or receive a key that doesn’t work.

“Criminals aren’t interested in customer service,” quips Marius Nel, CEO of tech consultancy 360 Smart Networks.

Indeed, a decryption key might not even exist for your variant of ransomware. If you’re somehow caught in the crossfire of an attack aimed at a nation-state, or by a tool designed initially to attack states that has been repurposed for mundane criminal acts, there might be no key by design.

“Nation-state attacks are designed to damage, not extort,” said Nel.

And don’t forget (Robin Hood and the crew of Serenity notwithstanding), there’s relatively little honor among thieves. To know more, visit How-To Geek.

How to Protect Against This

Obviously, the best way to address this problem is to avoid getting attacked in the first place. Many of these attacks are caused by the same things: open ports, phishing emails and software vulnerabilities. Properly limiting system and network access, securing accounts with multi-factor authentication, training employees on phishing attacks, and keeping systems updated with the latest patches are the best ways to keep systems secure.

The second-best option is to have a solid disaster recovery plan in place. Backups are essential for restoring data, but unless the recovery plan has been thoroughly tested, the actual process of recovering systems rarely goes as smoothly as hoped, especially when bringing live systems back online. Read more at govtech.
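The point about untested recovery plans is easy to state and easy to skip. The script below is an added example, not code from the article or from any of the outlets it quotes: a minimal restore drill that backs up a constructed sample tree, restores it into a scratch directory, and checks every file against a SHA-256 manifest taken at backup time. The second run simulates a common real-world failure, a backup job configured to archive only part of the data, which the drill catches before an incident does. It assumes GNU coreutils (`sha256sum`) and `tar` on a Linux host, and it expects absolute paths for the archive.

```shell
#!/bin/sh
# Added example: scripted restore drill for a backup archive.
# Constructed sample data only; nothing here touches real production files.
set -eu

# Populate DIR with constructed sample data standing in for production files.
make_sample_data() {
  mkdir -p "$1/db" "$1/docs"
  printf 'id,name\n1,alice\n2,bob\n' > "$1/db/users.csv"
  printf 'quarterly report\n' > "$1/docs/report.txt"
}

# take_backup SRC ARCHIVE [SUBTREE]
# Writes ARCHIVE (tar) from SRC/SUBTREE and ARCHIVE.manifest listing the
# SHA-256 of every file in SRC. SUBTREE defaults to the whole tree; passing
# a subdirectory simulates a misconfigured job that backs up only part of
# the data while the manifest (what we expect to get back) covers all of it.
# ARCHIVE must be an absolute path.
take_backup() {
  src=$1; archive=$2; subtree=${3:-.}
  ( cd "$src" && find . -type f | LC_ALL=C sort | xargs sha256sum ) > "$archive.manifest"
  tar -C "$src" -cf "$archive" "$subtree"
}

# verify_restore ARCHIVE
# Restores ARCHIVE into a fresh scratch directory and verifies every entry
# of ARCHIVE.manifest there. Returns 0 only if every file is present with
# the expected checksum; a missing or altered file makes sha256sum -c fail.
verify_restore() {
  archive=$1
  scratch=$(mktemp -d)
  tar -C "$scratch" -xf "$archive"
  if ( cd "$scratch" && sha256sum -c --quiet "$archive.manifest" ) >/dev/null 2>&1; then
    rm -rf "$scratch"
    return 0
  fi
  rm -rf "$scratch"
  return 1
}

# Stand-alone drill: one correct backup, one backup that silently skipped a
# directory. Only the second should fail verification.
work=$(mktemp -d)
make_sample_data "$work/src"

take_backup "$work/src" "$work/full.tar"
if verify_restore "$work/full.tar"; then
  echo "full backup: restore drill passed"
else
  echo "full backup: restore drill FAILED"
fi

take_backup "$work/src" "$work/partial.tar" db
if verify_restore "$work/partial.tar"; then
  echo "partial backup: restore drill passed (unexpected)"
else
  echo "partial backup: restore drill FAILED as expected (docs/ missing)"
fi

rm -rf "$work"
```

Run it on a schedule against real backup artifacts by replacing `make_sample_data` with the production source and pointing `take_backup` at the backup target; the manifest is the part worth keeping alongside each archive, since it turns "the backup job exited 0" into "every file we expect came back intact".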

Conclusion

The best thing to do is to avoid ransomware in the first place. Email is the number one vector through which ransomware is spread. The first thing you need is user education, along with email security services that can help keep you safe against all kinds of malware and ransomware attacks.
