Considerations to be made when dealing with Ransomware Payments


When a server falls victim to a ransomware infection, the urgency to regain access to critical data often leads to a difficult decision: paying the hackers’ demands. However, the reliability of ransomware criminals in conducting their “business” is far from guaranteed.

Are Ransomware Payments Legal?

First and foremost, it’s essential to understand that paying a ransom to cyber-criminals is generally considered illegal. In the United States, for instance, the International Emergency Economic Powers Act (IEEPA) can subject victims to government notices and legal consequences for making such payments. Moreover, many Western and Asian countries also deem digital currency payments for ransom as illegal.

The Alternative: Refusing to Pay

Opting not to pay the ransom is a risky but legal choice. If an organization has a robust backup system in place, it can often rely on these backups for data recovery. However, the effectiveness of this approach hinges on the speed of the recovery process, which directly impacts downtime.

Calculating the Cost of Data Recovery

The cost of data recovery after a ransomware infection is a primary concern for CIOs and CTOs. Using backup data is typically a cost-efficient method, but its success depends on the quality and speed of data recovery software. Alternatively, if an organization decides to pay the ransom, it must consider various expenses, including acquiring cryptocurrency, seeking assistance from forensic experts for ransom negotiation, and evaluating the consequences of giving in to the hackers’ demands.

The FBI’s Perspective

The Federal Bureau of Investigation (FBI) has taken a strong stance against ransomware payments. In November 2019, the FBI warned that paying a ransom doesn’t guarantee a decryption key. Even if a key is provided, there’s a high risk it may not work. Another concern is that paying the ransom can attract further attacks from the same cyber-criminals, especially if the underlying vulnerabilities that allowed the initial infiltration aren’t addressed.

When Backup Is Not an Option

In cases where viable backups are unavailable, victims should consider involving law enforcement agencies and following their guidance. It’s crucial to act cautiously, as making a ransomware payment ultimately fuels the underground economy of cyber-criminals.


In summary, dealing with ransomware is a complex and legally fraught endeavor. Organizations facing this threat must carefully weigh the risks and legal implications of making payments against the potential consequences of refusing to comply with hackers’ demands. Collaboration with law enforcement and cybersecurity experts is advisable when navigating this treacherous landscape.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
