Why You Shouldn’t Pay the Ransom

2 years ago

Tech giant Garmin were recently the victim of aย WastedLockerย attack which temporarily took their services offline. Evil Corp Group have begun distributing a new type of ransomware, WastedLocker. This ransomware typically encrypts aย business’sย files, deletes shadow copies. The hackers then demands a ransom, usually in the form of crypto currency, in exchange for decrypting files. (Read more aboutย WastedLocker).ย 

Recently, reports have emerged that in order to decrypt their compromised files and userโ€™s information, Garmin allegedly paid the multi-million-dollar ransom demanded by Evil Corp. In this instance, the transaction seemingly resulted in Garmin being able to bring their services back online. Whilst paying the ransom seems like the only viable option if your business gets attacked by ransomware, this is untrue. This article will delve into the dangers and downsides of paying ransomware ransoms and how you can take proactive measures. 

What is Ransomware? 

Ransomware is a form of malware designed to restrict userโ€™s access to files and information on their PC through encryption. These hackers then demand a ransom payment in order to decrypt your files. Variations of ransomware has been around for almost 40 years. It continually evolves and sophisticates in order to keep successfully targeting home userโ€™s and in particular, businesses. 

Studies show that 1 in 5 businesses had not yet been hit by ransomware and moreover believe they wouldnโ€™t be a target. However, ransomware comes in many different forms and anyone with the means and motive can set up a ransomware operation. Another study by Symantec showed there to be more than 1,200 ransomware detections each day in 2017. 

The Symantec study also found that 51% of surveyed businesses were hit by ransomware within the last year and a further 27% actually paid the ransom. 

Should you pay the Ransom? 

Short answer, no. Although paying the ransom seems like the quick and easy solution to getting your files back and minimising downtime, there are adverse consequences of paying the ransom. 

  1. Paying the ransom doesnโ€™t necessarily fix everything. In a lot of cases hackers will leave malware behind once theyโ€™ve compromised your network. Thereby leaving a window of opportunity to re-infect your pc at another point in time. 
  1. Despite paying the ransom, the hacker may not be able to decrypt your files. In some cases, the ransomware may be poorly coded or deployed and it is possible the hackers themselves may not be able to decrypt your files even if you pay the ransom. 
  1. There is no guarantee you will actually get your files back if you pay the ransom. According to a report by CyberEdge Group, 80% of victims who paid the ransom didn’t get their files back. 
  1. Paying the ransom incentivises these ransomware attacks. By paying the ransom you are proving that the attack is successful in its end goal: getting money. This money will be funnelled back into the scam to hit as many businesses as possible. 

What can you do instead? 

Ransomware, downtime, and all the other devastating effects of being compromised can be avoided with a multi-layered, sophisticated approach to managed security. Milnsbridgeโ€™s approach to security includes SentinelOne next generation antivirus which includes rollback, threat hunting and machine learning features to better help combat ransomware and other types of attacks.  A comprehensive Managed Backup service also securely stores your data off site. This means that even if you do fall victim to a ransomware attack, you won’t lose your data or face days of costly downtime trying to get your services back online.

To find out more about our comprehensive Managed Security plans and our Managed Services, call Milnsbridge now on 1300 300 293. Alternatively use our live chat feature to connect to one of our specialists.

Letโ€™s get started

Get in touch today and speak with one of our friendly staff. We will take the time to assess your business requirements and provide an obligation-free quote.ย 

Facebook
Twitter
LinkedIn

CORE

All the essentials
$ 69 Monthly
  • 3 Hours Remote Support
  • Support Hours 8am - 5.30pm M-F
  • Best Effort Response Times
  • Staff Onboarding + Offboarding
  • Microsoft 365 Administration
  • Cyber Security Awareness Training
  • EDR/Antivirus - Endpoint Protection
  • Cloud Hosted Email Security
  • Critical Software + Security Updates
  • Server Performance Monitoring
  • 24 x 7 System Monitoring + Alerts
  • Daily Backup Monitoring
  • Monthly Executive Reports
  • Standard Operating Environment

Growth

Unlimited Support + Security
$ 89 Monthly
  • Unlimited Remote + Onsite Support
  • Support Hours 8am - 5.30pm M-F
  • Guaranteed Response Times
  • Staff Onboarding + Offboarding
  • Microsoft 365 Administration
  • Cyber Security Awareness Training
  • EDR/Antivirus - Endpoint Protection
  • Cloud Hosted Email Security
  • Critical Software + Security Updates
  • Server Performance Monitoring
  • 24 x 7 System Monitoring + Alerts
  • Daily Backup Monitoring
  • Monthly Executive Reports
  • Standard Operating Environment
  • Keeper Password Manager
  • Duo Multi Factor Authentication
  • DNS Filter Internet Protection
Popular

Enhanced

Unlimited Support 24x7 + Security
$ 159 Monthly
  • Unlimited Remote + Onsite Support
  • 24 Hours Support - 7 Days a Week
  • Priority Response Times
  • Staff Onboarding + Offboarding
  • Microsoft 365 Administration
  • Cyber Security Awareness Training
  • EDR/Antivirus - Endpoint Protection
  • Cloud Hosted Email Security
  • Critical Software + Security Updates
  • Server Performance Monitoring
  • 24 x 7 System Monitoring + Alerts
  • Daily Backup Monitoring
  • Monthly Executive Reports
  • Standard Operating Environment
  • Essential 8 Assess & Report
  • Monthly Vulnerability Scanning
  • Threatlocker Application Control
  • Keeper Password Manager
  • Duo Multi Factor Authentication
  • DNS Filter Internet Protection