Ransomware is becoming more prevalent, with more and more organisations being caught every day. Sometimes organisations discover that their backup and disaster strategy is not up to date and they are caught short. The question is: should they pay the ransom to retrieve their data? To pay or not to pay?
The recent outbreak of WannaCry (and its variants) is the latest in a string of crypto ransomware targeting business. It has turned into a billion dollar industry. The ransoms are increasing, and the technologies used to infect systems are becoming smarter, more complex, and harder to identify. So what if you are caught short without an up-to-date backup? Do you pay the ransom? Let’s be clear: the inventors and distributors of ransomware are not legitimate businesses, and they are using blackmail to get you to pay the ransom. Can you be sure these criminals will hold up their end of the bargain? If you pay the ransom, does that give them an incentive to try to infect others?
Ultimately it will be decided on a case-by-case basis, and it is a gamble whether you will be provided with the decryption key. Every organisation is different, and the time taken to resolve the infection may in itself be critical. Sometimes it comes down to the bottom line: the risk of paying, and the amount of the ransom, may have less of an impact than recovering your data, so it’s worth the cost.
My first instinct is not to pay, but that is a hard line when all your data is at risk of being lost forever. Best to make sure you have systems and practices in place that minimize your risk of exposure.