Should Ransomware Victims Pay Up? Experts At Black Hat Speak Out
From the availability of backups and sensitivity of exfiltrated data to the health and safety consequences of nonpayment, here’s what companies must think about before forking over a ransom.
Should Be Avoided Outside Critical Infrastructure
Critical infrastructure vendors stricken with ransomware might need to pay up if the restoration of their service matters to the rest of society, according to Barracuda Chief Technology Officer Fleming Shi. Shi, however, said companies hit with ransomware should initially take the stance of refusing to pay and force the conditions on the ground to convince them otherwise.
Attacks on critical infrastructure vendors with exorbitant ransom demand have caught the attention of authorities, with the U.S. government, FBI and ransom negotiators demanding ransomware groups prove they’ve actually captured the victim’s data. Authorities have also focused on finding ways to trace cryptocurrency so that any Bitcoin payments made to cybercriminals can potentially be recovered.
Adversaries have waves of experience tearing down victim environments and restoring their systems if a ransom payment is made, Shi said. In response, Shi said organizations must invest more heavily to improve their defensive posture.