Here are the realities of paying ransomware thieves

Mar 26, 2022, 7:15 AM

(Pexels Photo)...

(Pexels Photo)

(Pexels Photo)

Q: A business associate’s organization was hit with ransomware; can they trust that they will get their data back if they pay the ransom?

A: The financial incentives for ransomware attacks are estimated to top $1 billion this year, which means that this lucrative cyber-crime is going to continue to grow.

2021 saw a 62% increase over 2020 in reported ransomware incidents according to the Cybersecurity & Infrastructure Security Agency and every expectation is that it will continue to grow in 2022.

To Pay or Not To Pay

Generally speaking, the question of whether you should pay the ransom or not has more to do with whether you have a secured backup to restore from or not.

Getting rid of the malware that allowed the attack to happen is pretty straightforward, so as long as you have a current backup that was not included in the attack, there’s no need to pay the ransom.

If you don’t have a backup to restore your data from, you’ll have to decide between spending your time or your money to get back up and running.

Ransomware thieves are hoping that the amount of time it would take to recreate the data is much more expensive than just paying the ransom.

The detrimental impact of paying the ransom is that it encourages the underworld to figure out how to expand their attacks because it pays well.

No Guarantees

In many cases, an organization may have no choice but to pay the ransom, but that doesn’t guarantee that every file will be returned intact.

Statistically speaking, about one-third of ransomware victims pay the ransom, but the likelihood of complete recovery isn’t always the result.

When you pay the ransom, the thieves provide you with a ‘key’ to unlock the encrypted files, but there are complications beyond the key such as data corruption or unsophisticated encryption methods that can cause data to be unrecoverable.

I advise clients that are forced to pay the ransom not to expect a full recovery as there are many instances where only a partial recovery may be possible.

A recent survey published in Canada suggested that full recovery of your data was close to a 60/40 proposition. Of the respondents that paid the ransom, only 42% said they got full access to their data. 49% percent said they got a partial recovery with 7% saying they paid the ransom but got nothing at all.

Double Extortion

Even if your organization has done a good job to ensure that it can recover from a traditional ransomware attack, there is another level of extortion that’s on the rise.

We’re seeing an increase in attacks that include the step of copying your data to a remote location as well.

This allows them to threaten to go public with sensitive information about your business and/or your employees in case you aren’t willing to pay to unlock your files.

Phishing scams targeting employees are still the most common method for starting a ransomware attack, so focusing on educating employees and securing your data with encryption or other forms of data protection are essential to avoid paying either form of ransom.

Data Doctors

(Pexels Photo)...

Ken Colburn, Data Doctors

Here are the best tips for mobile file sharing

Airdrop is Apple’s proprietary method to exchange files between Apple devices and can’t be used to send files directly to Android devices, but there are other options.

5 days ago

(Unsplash Photo)...

Data Doctors

Random caller? Here are tips for looking up unfamiliar phone numbers

If you've ever wondered who's calling you, then here are some tips for looking up unfamiliar phone numbers.

12 days ago


Data Doctors

5 tips to speed up Google’s Chrome browser if it has begun to lag

The plethora of extensions available for Google Chrome can be one of many reasons why a users' browsing experience can be noticeably slower.

19 days ago

( Photo)...

Data Doctors

When a computer freezes up, solutions can vary from bypassing cache to OS updates

When a computer freezes, the reality is it’s a sign that you have a significant issue that needs to be addressed.

26 days ago

Windows 11 and Windows 10 operating system logos are displayed on laptop screens for illustration p...

Data Doctors

Tips for knowing how and when to upgrade to Windows 11

Windows 10 isn’t being discontinued; it’s coming up to its ‘End Of Life’ in Microsoft’s support lifecycle.

1 month ago

(Photo by Pierre Crom/Getty Images)...

Ken Colburn, Data Doctors

Here’s what you need to know about using smartphone mobile payment systems

There are good reasons to consider using the mobile payment systems that most smartphones support, ranging from convenience to security.

1 month ago

Sponsored Articles


OCD & Anxiety Treatment Center

5 mental health myths you didn’t know were made up

Helping individuals understand mental health diagnoses like obsessive compulsive spectrum disorder or generalized anxiety disorder isn’t always an easy undertaking. After all, our society tends to spread misconceptions about mental health like wildfire. This is why being mindful about how we talk about mental health is so important. We can either perpetuate misinformation about already […]


Desert Institute for Spine Care

Spinal fusion surgery has come a long way, despite misconceptions

As Dr. Justin Field of the Desert Institute for Spine Care explained, “we've come a long way over the last couple of decades.”


OCD & Anxiety Treatment Center

How to identify the symptoms of 3 common anxiety disorders

Living with an anxiety disorder can be debilitating and cause significant stress for those who suffer from the condition.

Here are the realities of paying ransomware thieves