Vital questions to answer before paying ransom in a ransomware attack


Is your company vulnerable to ransomware attacks? Or have you been attacked with ransomware already? If so, these are the questions to answer before paying a ransom to those who locked out your database from access.


Better not to Pay- FBI has already released a press update in November last year that the best practice is to not bow down to the demands of hackers as it not only encourages the said cybercrime further, also it doesn’t guaranty a decryption key as soon as the ransom is paid. So, the first and the foremost question to answer as soon as your IT infrastructure is hit by ransomware is- Can we recover the data from the available backups? The decision matrix is more complex than it seems from outside and so all is left to the CIOs and CTOs to decide as they are know more on how to deal with such situations under the prevailing circumstances.


Ransom payment in Cryptocurrency- Like said above, its contradictory to say not to pay the ransom. But if the situation demands, then you need to think about the payment options as in most cases the hackers spreading ransomware demand the ransom in Bitcoins or Monero. Therefore, is your company ready to shell out the payment in digital currency will be the next question to consider and then followed by the question of how fast could you secure the said funds?


What if we do not pay- The third question which strikes your mind as soon as your company’s database is hit by ransomware is what happens to the locked-up data if we do not pay the ransom? Factually speaking, those spreading ransomware are seen stealing the data first and then locking up the database as this ensures a pay-guaranty for all the hard work which the hackers have invested in infiltrating, data steal and encrypting the database thereafter. Also make sure to search for a decryption key on the web, as it helps to unlock the database before making the payment.


Now what will be the next question- In one of its formal updates issued by the FBI in December 2019, a ransomware victim can bow down to the demands of hackers if there is no other choice left to them. So, all you guys out there whose IT assets became a target of a ransomware attack, it’s formal now to pay a ransom if the situation demands.


Prevention is better than cure- As all say, Prevention is better than cure and this not only applies to diseases or pandemic spreads like Corona Virus, but also to Cybersecurity. So, better scan all the incoming and out-coming emails with threat monitoring solutions before they reach the end-users. Also, configure your firewalls in such a way that it automatically blocks malicious IP addresses. Furthermore, ensure that all your devices with operating systems have been updated with regular patches and fixes and the firmware is also to date. Keeping a tab on the activities being done by privileged accounts also helps.


Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display