“It isn’t that simple”
Paul Starr, CEO, SEP2
What would your advice be for customers if they are hit by ransomware? Should they pay?
Paying a ransom would be the last thing I would want to do, but in a real-world scenario, it isn’t that simple.
Faced with this dilemma, the organisation has to consider many things: what and who is affected, what can I restore or recover, how critical is the data, what is the minute-by-minute cost to the organisation, how fast do I need it back online – the list of eventualities is long.
These are already hard enough questions, but in a high-pressure situation like a ransomware attack, it might seem reasonable to choose what looks like the fastest solution.
If the ransom is paid and the organisation is lucky enough to get the keys to unlock the data, that could cause your organisation to become a target and a green light for future attacks, and sadly it is supporting the attackers’ business model, not to forget the ethical issue of funding crime.
Unfortunately, paying won’t guarantee data recovery. Some organisations report partial or zero recovery of data after paying the ransom. The organisation also needs to swiftly identify the cause to prevent recurrence, or it will find itself in a vicious cycle.
In the end, paying the ransom is risky and does not fix the underlying problem (how the criminals got in and ran the ransomware). The choice to pay ransomware attackers is complicated and hotly disputed. Any such decision must be made by the top leaders of an organisation and involve law enforcement and regulatory bodies.