Advertisement

Security News

Should Ransomware Victims Pay Up? Experts At Black Hat Speak Out

Michael Novinson

From the availability of backups and sensitivity of exfiltrated data to the health and safety consequences of nonpayment, here’s what companies must think about before forking over a ransom.

Companies At Risk Of Going Under Have No Other Option

Small businesses that have had to shut down their systems due to a ransomware attack can end up losing tens of thousands of dollars each day, which isn’t sustainable, according to John Maddison, Fortinet’s chief marketing officer and executive vice president of products. It’s easy to crusade against making ransom payments, but if the survival of the victim’s business is at stake, companies will end up paying.

Victims also must scope out the extent of the damage and can likely avoid making ransom payments if only a portion of their infrastructure is broken, Maddison said. But if customer or intellectual property data has gone missing, Maddison said businesses face a very different calculation when deciding to engage in negotiations with cybercriminals.

Ransomware actors have gone from trying to lock down thousands of businesses in spray-and-pray campaigns to pursuing specific large enterprises in highly targeted operations, Maddison said. Organizations also need to be in contact with authorities if they have reason to believe a ransomware attack has taken place, according to Maddison.

 
Advertisement
Advertisement
Sponsored Post
Advertisement
Advertisement