Should Ransomware Victims Pay Up? Experts At Black Hat Speak Out
From the availability of backups and sensitivity of exfiltrated data to the health and safety consequences of nonpayment, here’s what companies must think about before forking over a ransom.
Assess Risk Associated With Captured Data
Large enterprises and companies selling to consumers typically have a scoring methodology for how sensitive different pieces of data in their possession are as well as the risk associated with exfiltration of that data, said Netskope CEO Sanjay Beri. By leveraging their existing infrastructure, Beri said businesses can easily assess the potential impact of a ransomware attack.
Businesses will typically know what data has been taken during a ransomware attack since it’s inaccessible and hackers like to brag about their bounty, he said. Businesses have committed to protecting the data of their customers and therefore might end up needing to pay a ransom if there’s no other way to keep their customers’ data safe, Beri said.
This is particularly true if the stolen data is sensitive and its public dissemination is likely to harm customers, Beri said. Still, Beri said paying ransoms does incent criminal behavior and gives the wrong signal to those propagating harm and chaos.