Organizations struck by ransomware attacks have taken different approaches. The City of Baltimore is still recovering from a hack that has disrupted municipal services since May 7, 2019. The city said on its website that it decided not to pay the ransom because it didn’t want to reward criminal behavior and because the FBI and Secret Service advised against it. Recovering from the attack is estimated to cost $18 million; the original ransom would have been about $102,000 in bitcoin.
Two Florida cities, Riviera Beach and Lake City, took the opposite approach, agreeing to pay hackers hundreds of thousands of dollars each to avoid outages and expensive recovery.
Fact: 45% of organizations that experienced ransomware attacks over the previous 12 months paid up.
So when is it alright, potentially, to pay the ransom?
1. Backups are unavailable or encrypted. Some ransomware encrypts backup systems, sometimes making it impossible to recover from an attack. Paying a ransom to get hackers to unlock systems can help avoid lengthy outages and loss of business.
2. Lives are at risk. Ransomware at hospitals, power plants and other critical infrastructure could result in physical damage or deaths.
3. Someone else will pay. Some cyber insurance plans cover the cost of a ransom. For the insurer, it may be cheaper than paying for the customer’s recovery.
For more information on ransomware or a complimentary policy, contact Ali Pabrai at Ali.Pabrai@ecfirst.com.
Date: July 07, 2019