Why You Shouldn’t Pay the Ransom

Tech giant Garmin were recently the victim of a WastedLocker attack which temporarily took their services offline. Evil Corp Group have begun distributing a new type of ransomware, WastedLocker. This ransomware typically encrypts a business’s files, deletes shadow copies. The hackers then demands a ransom, usually in the form of crypto currency, in exchange for decrypting files. (Read more about WastedLocker). 

Recently, reports have emerged that in order to decrypt their compromised files and user’s information, Garmin allegedly paid the multi-million-dollar ransom demanded by Evil Corp. In this instance, the transaction seemingly resulted in Garmin being able to bring their services back online. Whilst paying the ransom seems like the only viable option if your business gets attacked by ransomware, this is untrue. This article will delve into the dangers and downsides of paying ransomware ransoms and how you can take proactive measures. 

What is Ransomware?

Ransomware is a form of malware designed to restrict user’s access to files and information on their PC through encryption. These hackers then demand a ransom payment in order to decrypt your files. Variations of ransomware has been around for almost 40 years. It continually evolves and sophisticates in order to keep successfully targeting home user’s and in particular, businesses. 

Studies show that 1 in 5 businesses had not yet been hit by ransomware and moreover believe they wouldn’t be a target. However, ransomware comes in many different forms and anyone with the means and motive can set up a ransomware operation. Another study by Symantec showed there to be more than 1,200 ransomware detections each day in 2017. 

The Symantec study also found that 51% of surveyed businesses were hit by ransomware within the last year and a further 27% actually paid the ransom. 

Should you pay the Ransom?

Short answer, no. Although paying the ransom seems like the quick and easy solution to getting your files back and minimising downtime, there are adverse consequences of paying the ransom. 

1. Paying the ransom doesn’t necessarily fix everything. In a lot of cases hackers will leave malware behind once they’ve compromised your network. Thereby leaving a window of opportunity to re-infect your pc at another point in time.

2. Despite paying the ransom, the hacker may not be able to decrypt your files. In some cases, the ransomware may be poorly coded or deployed and it is possible the hackers themselves may not be able to decrypt your files even if you pay the ransom.

3. There is no guarantee you will actually get your files back if you pay the ransom. According to a report by CyberEdge Group, 80% of victims who paid the ransom didn’t get their files back.

4. Paying the ransom incentivises these ransomware attacks. By paying the ransom you are proving that the attack is successful in its end goal: getting money. This money will be funnelled back into the scam to hit as many businesses as possible.

What can you do instead?

Ransomware, downtime, and all the other devastating effects of being compromised can be avoided with a multi-layered, sophisticated approach to managed security. Milnsbridge’s approach to security includes SentinelOne next generation antivirus which includes rollback, threat hunting and machine learning features to better help combat ransomware and other types of attacks.  A comprehensive Managed Backup service also securely stores your data off site. This means that even if you do fall victim to a ransomware attack, you won’t lose your data or face days of costly downtime trying to get your services back online.

To find out more about our comprehensive Managed Security plans and our Managed Services, call Milnsbridge now on 1300 300 293. Alternatively use our live chat feature to connect to one of our specialists.