As ransomware attacks continue to cripple networks, most recently forcing medical centres to shut down their systems and turn away patients, the FBI has issued some unambiguous advice for organisations on how they should handle ransom demands:

Don’t pay.

The FBI does not advocate paying a ransom, in part because it does not guarantee an organization will regain access to its data. In some cases, victims who paid a ransom were never provided with decryption keys. In addition, due to flaws in the encryption algorithms of certain malware variants, victims may not be able to recover some or all of their data even with a valid decryption key.

In other words, the FBI says that paying up is no guarantee that hackers will unlock the encrypted data on your computer.

And that’s true. There is no guarantee. And you would have to be in a pretty desperate position to place your trust in anonymous cybercriminals who have already proven themselves to have no qualms about breaking the law and exploiting a situation for their financial advantage.

But then, companies and organisations who find themselves in the middle of a hard-hitting ransomware infection are often desperate. This can especially be true if firms did not have a secure backup system in place from which they can restore their precious data or if they determine that recovering from a backup might take a lot longer (and cost them more money) than paying their extortionist.

However, as the FBI points out, there are other major reasons why they advise against paying ransomware demands: you are encouraging criminals to launch more attacks.

Paying ransoms emboldens criminals to target other organizations and provides an alluring and lucrative enterprise to other criminals.

If no-one ever paid the ransom, there wouldn’t be any more ransomware attacks. (Read more...)