
17 May 2024

9 Reasons Why You Should Never Pay Ransomware Attackers

As ransomware continues to make the daily headlines and affect high-profile brands, a debate rages on as to whether paying ransomware attackers is the right thing to do - from both an operational and an ethical point of view.

Most cyber security experts, government bodies and law enforcement agencies strongly advise against paying ransoms following an infection.

Here are nine reasons why paying cyber criminals to release your business' systems and data is a bad idea and how it could actually cause even more problems for your business in the long run.

1. There's No Guarantee Your Data Will Be Returned

Paying the ransom does not guarantee that your data will be returned in full, or in a usable condition. The chances of a criminal gang 'doing the right thing' after infiltrating your network and extorting you are slim at best.

Even if they do release a decryption key, you have no guarantee it will work. Attacker-supplied decryptors are often slow and poorly written, and it is common for some files, particularly large or partially written ones, to come back corrupted or not at all. If your most critical data is not returned, your business is in the same situation as it was before you paid, minus the ransom.

2. They May Increase The Ransom Amount

For cyber criminals, ransomware is about making as much money as possible. If you agree to pay the ransom, the group behind the infection may simply increase the amount; it is not unusual to see the demand rise once a victim has signalled willingness to pay. Groups that also stole data before encrypting it may demand a second payment not to publish it, and paying the first demand gives you no leverage over the second.

3. Your Files May Still Be Infected

So, you pay the ransom, get the decryption key and restore access to your data. That does not mean everything is OK. Decrypting files does nothing to remove the attackers' foothold: the stolen credentials, persistence mechanisms and remote-access tools they used to get in are still in place unless you have done a full incident response and rebuilt the affected systems. That means your data could be re-encrypted at any moment.

Your backups can also be compromised by ransomware. Attackers routinely look for backup servers, snapshots and backup credentials and delete or encrypt them before detonating the ransomware, precisely because backups are your last line of defence. This is vital to plan for: keep at least one copy that is offline or immutable, out of reach of the credentials used on the network, and make sure you have a reliable data backup and recovery plan that you have actually tested.

4. You Leave Yourself Open to Repeat Attacks

Western governments tend not to negotiate with terrorists, specifically when it comes to paying ransoms. Why? Because they believe it emboldens others to commit similar acts.

The same is true of cyber criminals. Once you have shown yourself willing to pay a ransom, you are a proven source of income, and the same group (or another one that learns of the payment) is more likely to target your business again. There is nothing stopping them from raising the price each time.

5. You're Financing Criminals and Gangs

This point is central to the debate around the ethics of paying ransoms. In short, when a business pays a ransom, it has no visibility of where the money goes. Once in the possession of criminals, it could be used to fund future attacks and fuel the activities of criminal gangs.

Ransomware groups are believed to operate like organised crime cartels. They may engage in other criminal activities such as terrorism, human trafficking and drug smuggling. The more you pay, the more you could be helping to grow their operations.

6. You May Be In Breach of Laws and Regulations

Paying ransoms is not only ill-advised, it may also violate laws and regulations, not to mention ethical guidelines. Some countries, for instance, have laws prohibiting ransom payments to certain entities.

Some governments treat ransom payments as funding criminal activity. This could expose your business to legal consequences and reputational damage. In the USA, the Treasury's Office of Foreign Assets Control (OFAC) has warned that paying a ransom to an entity designated as a foreign terrorist organisation or otherwise subject to sanctions can violate sanctions regulations. Those regulations apply on a strict-liability basis, so a victim can face civil penalties even if it did not know who it was paying, and the group behind an attack is rarely identified with certainty at the time a payment is made.

Aside from this, businesses handling personal data must report data breaches promptly to remain compliant with laws such as GDPR (which requires notifying the supervisory authority within 72 hours of becoming aware of a breach) and HIPAA (which requires notification without unreasonable delay and no later than 60 days after discovery). A business found to have violated these laws can be hit with sizeable fines. Paying a ransom in no way changes the consequences of non-compliance: a ransomware attack is still a breach that must be reported, whether or not the attacker promises to delete the data.

7. Your Business' Reputation Could Be Damaged Irreparably

Falling victim to cyber criminals could cause irreparable damage to your company's reputation. It exposes a failure to put the appropriate measures in place to protect clients' sensitive and valuable data.

If, in addition to this, your business pays a ransom, it suggests that you remain vulnerable to cyber threats in future and reveals that you funded criminal activity. All of these things and more can erode customer trust, lead to a loss of loyalty and ultimately affect your bottom line in the long term.

8. Undermining the Cyber Security Industry

The cyber security industry enjoys a symbiotic relationship with the rest of the IT sector. Investing in cyber security defences is essential to developing products that protect businesses and individuals now and for decades to come.

Paying ransoms may be seen as significantly undermining the long-standing efforts of the cyber security industry. It may also divert resources from investment in preventive measures, threat intelligence and cyber security defences.

9. Paying is Not a Long-term Solution

Paying a ransom is a one-time fix, assuming you get the right decryption key and your data back intact. But what happens next time your defences are breached? Will you pay up again? How many times can your business afford to be extorted?

A smarter use of the same funds, time and energy is auditing your security systems and implementing strong security and data protection measures designed specifically for your business.

Planning - The Only Solution to Mitigating Ransomware Threats

Following a ransomware infection, your key decision-makers will be under immense pressure to pay up. Given the uncertainty of the outcome, a far smarter strategy is to develop network security plans to prevent an infection in the first place, and to decide your position on ransom payments before an incident rather than during one.

On top of this, you need a reliable, robust data backup and recovery strategy in place, with restores tested regularly: a backup that has never been restored is an assumption, not a plan. All of these precautions combined should ensure you have everything you need to independently get up and running again following an incident, which means never again facing the dilemma of paying a ransom.

Webinar: How To Protect Your Backups from Ransomware

Discover more about mitigating ransomware threats and gain advice on keeping your backups safe from ransomware. Watch our on-demand webinar for practical guidance and tips from us and cyber security expert James Bore of Bores Security.
