Ransomware: Why paying the ransom is a bad idea for everyone in the long term?

Danny Palmer of ZDNet explains that some cyber insurance companies encourage their clients to pay the ransom to get back to work as quickly as possible, but this is how this only causes more problems. Read more: https://zd.net/2OaoVSf

The number of organizations that are yielding to the extortion demands of cybercriminals after being victims of ransomware attacks has more than doubled this year.

An increase in the number of ransomware attacks in the last year has contributed to the increase in the number of organizations that choose to pay a ransom for the safe return of networks blocked by file encryption malware.

That agrees with the figures of the recently launched CrowdStrike Global 2019; Security Attitude Survey, which said that the total number of organizations worldwide that pay the ransom after being victims of a supply chain attack has more than doubled from 14% of victims to 39% of those affected.

In the United Kingdom specifically, the number of organizations that have experienced a ransomware attack and have paid the price requested for the decryption key is 28%, double the 14% of the previous year.

While cybersecurity providers and law enforcement recommend that victims do not finance criminal activities by giving in to extortion demands, in some cases organizations see it as the fastest and easiest means of restoring their networks.

But, because victims still pay bailouts, which regularly amount to six-figure sums, cyber criminals will continue ransomware campaigns and probably extend them further, especially because the chance of being caught remains low.

However, despite the success of ransomware attacks, especially those that have compromised the entire infrastructure of entire organizations, there are some relatively simple means to prevent attacks from causing damage.

If organizations ensure that all systems and software on the network are up to date with the latest security updates, it is very important to prevent ransomware attacks from being successful, as many campaigns depend on exploiting known vulnerabilities.

Organizations should also ensure that default passwords are not used on the network and, when possible, two-factor authentication should be applied, this will prevent hackers that manage to violate the network from moving and causing more damage.

But in the event that a ransomware attack is successful, organizations can ensure that they do not need to pay the ransom by regularly creating a backup of their network and ensuring that the backup is stored offline.

