DATA DOCTORS

Here are the realities of paying ransomware thieves

Mar 26, 2022, 7:15 AM
(Pexels Photo)...
(Pexels Photo)
(Pexels Photo)

Q: A business associate’s organization was hit with ransomware; can they trust that they will get their data back if they pay the ransom?

A: The financial incentives for ransomware attacks are estimated to top $1 billion this year, which means that this lucrative cyber-crime is going to continue to grow.

2021 saw a 62% increase over 2020 in reported ransomware incidents according to the Cybersecurity & Infrastructure Security Agency and every expectation is that it will continue to grow in 2022.

To Pay or Not To Pay

Generally speaking, the question of whether you should pay the ransom or not has more to do with whether you have a secured backup to restore from or not.

Getting rid of the malware that allowed the attack to happen is pretty straightforward, so as long as you have a current backup that was not included in the attack, there’s no need to pay the ransom.

If you don’t have a backup to restore your data from, you’ll have to decide between spending your time or your money to get back up and running.

Ransomware thieves are hoping that the amount of time it would take to recreate the data is much more expensive than just paying the ransom.

The detrimental impact of paying the ransom is that it encourages the underworld to figure out how to expand their attacks because it pays well.

No Guarantees

In many cases, an organization may have no choice but to pay the ransom, but that doesn’t guarantee that every file will be returned intact.

Statistically speaking, about one-third of ransomware victims pay the ransom, but the likelihood of complete recovery isn’t always the result.

When you pay the ransom, the thieves provide you with a ‘key’ to unlock the encrypted files, but there are complications beyond the key such as data corruption or unsophisticated encryption methods that can cause data to be unrecoverable.

I advise clients that are forced to pay the ransom not to expect a full recovery as there are many instances where only a partial recovery may be possible.

A recent survey published in Canada suggested that full recovery of your data was close to a 60/40 proposition. Of the respondents that paid the ransom, only 42% said they got full access to their data. 49% percent said they got a partial recovery with 7% saying they paid the ransom but got nothing at all.

Double Extortion

Even if your organization has done a good job to ensure that it can recover from a traditional ransomware attack, there is another level of extortion that’s on the rise.

We’re seeing an increase in attacks that include the step of copying your data to a remote location as well.

This allows them to threaten to go public with sensitive information about your business and/or your employees in case you aren’t willing to pay to unlock your files.

Phishing scams targeting employees are still the most common method for starting a ransomware attack, so focusing on educating employees and securing your data with encryption or other forms of data protection are essential to avoid paying either form of ransom.

Data Doctors

(Pexels Photo)...
Data Doctors

Tips to understanding full virus scan information

Depending upon your setup, there are a few things you can check for to help you understand what and where files are stored on your computer.
2 days ago
(Pexels Photo)...
Data Doctors

A handful of free and easy video editors for beginners

For those looking to get into video editing, here are a few options that work directly on smartphones, computers and tablets.
9 days ago
(Photo by Budrul Chukrut/Getty Images)...
Data Doctors

Here are tips for speeding up your Chrome browser

If you love using your Google Chrome browser, but it seems to be boggling down, here are a few tricks to speed things up.
16 days ago
In this photo illustration, the Virtual Private Network (VPN) is seen displayed on a smartphone. 
T...
Data Doctors

Using your VPN to get around local sports blackouts

For those that have cut the cable and gone to streaming services, one challenge has always been accessing live sporting events.
1 month ago
(Pexels Photo)...
Data Doctors

How to help stop the junk text messages from coming in

If it seems like you’re getting more junk text messages recently, you aren’t alone.
1 month ago
...
Sponsored Content by Arizona Department of Health Services

Update your child’s vaccines before kindergarten

So, your little one starts kindergarten soon. How exciting! You still have a few months before the school year starts, so now’s the time to make sure students-to-be have the vaccines needed to stay safe as they head into a new chapter of life.

Sponsored Articles

...
Carla Berg, MHS, Deputy Director, Public Health Services, Arizona Department of Health Services

Update your child’s vaccines before kindergarten

So, your little one starts kindergarten soon. How exciting! You still have a few months before the school year starts, so now’s the time to make sure students-to-be have the vaccines needed to stay safe as they head into a new chapter of life.
...
Carla Berg, MHS, Deputy Director, Public Health Services, Arizona Department of Health Services

ADHS mobile program brings COVID-19 vaccines and boosters to Arizonans

The Arizona Department of Health Services and partner agencies are providing even more widespread availability by making COVID-19 vaccines available in neighborhoods through trusted community partners.
...
Canvas Annuity

The secret to guaranteed retirement income

Annuities aren’t really a secret, but they are so misunderstood that they might as well be. Once you understand what an annuity is and how it can benefit you, you could decide this “secret” is the perfect supplement to your retirement plan.
Here are the realities of paying ransomware thieves