Ransomware: Should You Pay Up?

Ransomware is an ongoing threat that lines the pockets of cybercriminals, but should you pay the ransom following an attack?

A particularly troublesome variety of malware, ransomware infects systems and encrypts data, preventing it from being accessed without a unique decryption key. If the victim wants to see their data again, they have a few options. First, they can restore their data from a backup, if a recent one is available. Second, if the ransomware is known, there may be known fixes out there. Finally, there is the risky option: pay the ransom in exchange for the decryption key. Not only can this be costly, but there is also no guarantee that the payment will result in the decryption key being handed over. Moreover, bowing to the demands of cybercriminals may actually spur them on, encouraging the development of new strains of ransomware. The average cost to recover from a ransomware attack has skyrocketed in recent years, thanks to cybercriminals targeting big businesses in the hope of extorting more money.

According to the quarterly Ransomware Marketplace report published by cybersecurity company Coveware, in 2019 the average ransom payment increased by 104% from $41,179 in Q3 to $86,116 in Q4. In particular, the Ryuk and Sodinokibi ransomware families have started to target large-scale enterprises, in some cases attempting to extort seven-figure ransoms.

So should you pay the ransom? Police and other agencies always advise against paying, for several reasons. As mentioned above, even when the money is paid, there is no guarantee that the decryption key will be handed over. But even if the decryption key is provided, allowing the affected data to be accessed again, paying the ransom can still be a bad idea. Paying up gives cybercriminals an incentive to carry out more attacks, and if their income stream is significant, they can put more into their operations. In short, while it might save you pain in the short term, it can cause problems for everyone else in the long term.

Ultimately, it’s for you to decide. You might be in a situation where your data is inaccessible unless you pay the ransom. If you’re a business, we’d recommend spending a bit on robust security and a solid backup strategy now to avoid having to fork out money to cybercriminals in the future.