Be Secure Online Blog

Ransomware to pay or not to pay.


ransomware professional firms
Business Protection software

Updated April 2022. That is the question. Paying the ransom is a bad practice for several reasons. There is no guarantee that you’ll get the decryption key on payment. Cybercriminals do not have the key that decrypts the data. Ransomware is now readily available on the black market, so many take leaked sources of ransomware, and modify the payment information. They never had the key in the first place, but criminals lie. 

The ransomware is not your only problem. If paying the ransom is your only option, then it’s a certainty that you have plans in place to restore your business. No disaster recovery plan means, that you won't recover fully from the attack, a known fact.

This means more potential data lock-ups, costly breaches and other cyber disasters leading to loss of confidence in your business, staff leaving, spreading rumours, and customers going elsewhere.  Getting the decryption key will not solve all of your problems.

Break the cycle.

If you pay the ransom, you will perpetuate a vicious cycle. Cybercriminals will reinvest the ransom in producing other ransomware tools. If there’s no profit to be had, cybercriminals will not put more money into developing ransomware. Prevention is the best cure. Prepare your company for the inevitability of cyberattacks, ransomware or otherwise. You won’t have to face the hard decision to take money out of your budget to recover from an attack.

11 Tips to protect yourself from ransomware.

phishing, GAA, ransomware
Many of Ireland's GAA club websites were spiked with ransomware. People lost 20 years of family photos and memories. 

1. Back up your files regularly

The only way to ensure that you can immediately handle a ransomware attack is to implement a regular backup schedule so that your company can get access to the files it needs without dealing with the cybercriminals. Your backup should have certain restrictions, such as read/write permissions, without an opportunity to change or delete the files.

2. Check your backups

Be sure to check regularly that your backups are in good shape.

3. Protect against phishing attacks

Cybercriminals often distribute fake email messages that look like an official message from a vendor or bank, luring a user to click on a malicious link and download malware. Never open attachments from an unknown sender, even suspicious attachments from a friend in case they were hacked.

4. Trust no one

Or rather, trust but verify. Malicious links can be sent by your friends or your colleagues whose accounts have been hacked. Let employees know that if they receive something out of the ordinary from a friend, they should call that person directly to verify that they sent it and find out if their accounts have been compromised.

5. Enable the ‘Show file extensions’ option in the Windows settings

This will make it much easier to distinguish potentially malicious files. Because Trojans are programs, warn employees to stay away from file extensions like “exe”, “vbs” and “scr.” Scammers could use several extensions to masquerade a malicious file as a video, photo, or document.

ransomware professional firms
Professional Firms such as Lawyers, Accountants ransomware payers and specifically targeted

6. Regularly update your operating system

Cybercriminals exploit vulnerabilities in software to compromise systems. With automated Vulnerability Assessment and Patch Management tools, your system will be scanned and patches regularly installed to keep your system updated.

7. Even though it is not Sex, Use Protection.

No, it's not sex, but use protection. Modern robust antivirus program to protect your system from ransomware. Most products employ a multi-layered system of defence that checks malware from many angles, keeping you safe. But if ransomware hits...

8. Cut the internet connection

If you discover ransomware, shut off your internet connection right away. If the ransomware did not erase the encryption key from the computers in question, then there is still a chance you can restore your files.

9. Don’t pay the ransom

If your files become encrypted, we do not recommend paying the ransom unless instant access to some of your files is critical. Each payment made helps the criminals to prosper and thrive to go on to build new strains of ransomware.

10. Try to identify the malware

If you are hit by ransomware, try to find out the name of the malware. Older versions of ransomware used to be less advanced, so if it is an earlier version, you may be able to restore the files. Cybersecurity experts collaborate with law enforcement to provide file restoration tools online and, hopefully, detain the adversaries. Some victims can decrypt the files without having to pay the ransom. 

11. Anti-Phishing

Because phishing emails are usually the starting point for many ransomware attacks, Anti-phishing technology uses a multi-layered approach to protect against infiltration. First, it checks sites with the product’s local anti-phishing databases on the user’s device. Next, it checks URLs of sites against its own vast, continually updated database of phishing sites. When a new malicious URL is detected on the computer, information about this threat is made available from the cloud database within 15-30 seconds of detection. Finally, heuristic analysis is an intelligence system that looks at dozens of phishing symptoms and compares them with other indications, classifying them based on known modern phishing methods.

Articles of Interest

Articles, links and connections from the BeSecureOnline site you might find interesting.    

What is a VPN - VPN Explained

Ransomware - To pay or not to pay - Ransomware

Cybersecurity Essentials for Business

Five things to use VPN for - VPN 5 things

Comments are closed for this post, but if you have spotted an error or have additional info that you think should be in this post, feel free to contact us.


Get the latest updates in your email box automatically.