Should you ever pay up to ransomware criminals?

Ransomware

Ransomware is becoming a very popular tool for criminals. Earlier this year, Lincolnshire County Council became one of the highest profile victims of a scam that left local authority computers encrypted and whole systems shut down.

In the US, the Hollywood Presbyterian Medical Center was hit with a cyber-attack, resulting in an internal emergency as staff were unable to access patient files. According to a doctor at the hospital, the system was infected with ransomware. As a result of the attack, staff were not able to access data such as X-rays, patient information and lab work. Some have said the ransom in this case may be up to $3.6 million (around £2.5 million, AU$5 million).

According to IT security company Radware's annual report on cybersecurity, 25% of firms surveyed said they had been the victim of ransomware.

Growing trend

"It's a trend that's grown year-on-year (up from 16% last year) and that's likely to continue as professional groups become more organised and use Bitcoin," says Adrian Crawley, regional director for Northern EMEA at Radware.

The defence against such attacks as most security experts will tell you is to keep a current backup of any important data. If the worst should happen, then a quick restore will mitigate against most of the attack. But of course, this doesn't always happen and in some cases files remain encrypted and the criminals have the upper hand.

"Last year Proton Mail, a small Swiss company, had to call in Radware to help it shore up its defences when the attack it was experiencing from The Armada Collective became significantly worse after it paid a ransom," says Crawley. "Once hackers know they have your attention then there's no going back."

It begs the question, should we ever pay criminals a ransom to get back data? According to Chris Boyd, malware intelligence analyst at Malwarebytes, paying up is not a good idea.

"All too often, people say they're going to start backing up their files after they've already lost them," he says. "It's too late by that point, and the malware authors are under no obligation to hand over a key to unlock the data once the ransom has been paid."

He adds that broken decryption methods and buggy malware files muddy the waters further, and in general by paying the ransom victims are encouraging the attackers to continue foisting their ransomware on other hapless folks.

"We need to de-incentivise them from making their malware, and the best way to do this is cut off their revenue stream," says Boyd.

No guarantees

Nigel Hawthorn, chief European spokesperson, Skyhigh Networks, says that any company that considers paying even a single pound or dollar to blackmailing hackers needs to have a serious think about its actions.

Hawthorn notes: "There's no guarantee that hackers won't continue to deny access to systems, hit them with DDoS or release valuable data. It's fair to say that if someone is willing to blackmail you, they're probably not going to keep to their side of any 'deal'."

Sian John, chief security strategist EMEA, Norton by Symantec, says that if crime pays, hackers have the financial resources to find new ways to infect your devices. "This will give them the opportunity to target more people for larger amounts of money in the future," she says.

John adds that instead of negotiating with the hackers holding your files hostage, you can clean up an infected computer at home by using a tool like Norton Power Eraser which is freely available online.

Latest in Security
An American flag flying outside the US Capitol building against a blue sky
The FCC is creating a security council to bolster US defenses against cyberattacks
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
Ransomware
Microsoft uncovers sleuthy new XCSSET MacOS malware campaign
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Meta warns of worrying security flaw hitting open source type software
Hand holding smartphone and scan fingerprint biometric identity for unlock her mobile phone
Passwordless authentication continues to grow, with biometrics helping push adoption
Data leak
Hacked Tata Technologies data leaked by ransomware gang
Latest in News
Stress
Complexity of IT systems could be increasing security risks for businesses
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
CEOs think they might lose their jobs if they can't deliver on AI
Tony Hawk's Pro Skater 3+4
From Ace of Spades to Them Bones, Tony Hawk's Pro Skater 3+4's soundtrack is already looking excellent
An AMD Radeon RX 9070 XT made by Sapphire on a table with its retail packaging
AMD describes its recent RDNA 4 GPU launch as 'unprecedented' and promises restocking the Radeon RX 9070 XT as 'priority number one'
The Google Gemini logo against a black background.
I tried Gemini's new AI image generation tool - here are 5 ways to get the best art from Google's upcoming Flash 2.0 built-in image upgrade
An image of the Samsung Galaxy S25 Ultra from a hands-on event
Samsung Galaxy S26 Ultra could resurrect an intriguing camera feature