Should Ransomware Victims Pay Up? Experts At Black Hat Speak Out
From the availability of backups and sensitivity of exfiltrated data to the health and safety consequences of nonpayment, here’s what companies must think about before forking over a ransom.
Between A Rock And A Hard Place
Organizations have become increasingly willing to fork over ransoms in recent months, with Colonial Pipeline paying Darkside $4.3 million in May with the hope of restoring operations on its 5,500-mile pipeline sooner. And meatpacking giant JBS paid REvil $11 million to shield the company’s meat plants from further disruption and limit the potential impact to restaurants, grocery stores and farmers.
More recently, Kaseya opted not to pay a $70 million ransom yet still received a key that proved to be 100 percent effective at decrypting files that were fully encrypted during the devastating July 2 REvil ransomware attack. “Kaseya decided after consultation with experts to not negotiate with the criminals who perpetrated this attack and we have not wavered from that commitment,” Kaseya wrote July 26.
CRN spoke with 10 C-suite executives and threat researchers during Black Hat USA 2021 about what (if any) circumstances merit paying a ransom. From the availability of backups and sensitivity of exfiltrated data to service restoration delays and health and safety consequences associated with nonpayment, here’s what boards and CEOs need to consider when deciding if it’s worth paying the ransom.