
Should You Pay Data Breach Ransoms?

From our experience as a leading provider of NJ Cyber Insurance, we sadly witness the pain and disruption that cybercrime causes. That is why we are comfortable saying that, while there are few absolutes, the odds are it is not a matter of if your systems will suffer a ransomware attack, but when.

Ransomware, in particular, is a growth industry within cybercrime. According to the 2021 Global Threat Report from CrowdStrike, the number of interactive (hands-on-keyboard) intrusions involving ransomware increased fourfold in just two years. The rise in such incidents is why we frequently post about cyber-attacks on the Dickstein Associates Agency blog, and why we work to raise awareness and encourage vigilance in protecting our clients' businesses.

Whether to pay a ransom after a data breach is vexing for many reasons, and it is further complicated because every situation is unique. Although the bulk of published advice leans toward not paying, it is understandably tempting to pay and pray for a quick fix.

Your Options Are Limited with Excruciating Choices.

A driving factor in your decision is knowing that if you do not pay, you may never regain access to your data. Balance that against the fact that paying gives you no guarantee you will get your data back complete and intact. Even if the attackers do restore your access, you will still lose time and incur expense decrypting and restoring your files and recovering from the attack.

While some companies choose to pay ransom demands to regain access to their files, there are persuasive arguments against doing so. We outline them below.

Paying Ransom Is Far from a Guaranteed Solution.

In general, do not pay ransoms, even if the asking price seems cheap. Regardless of whether you regain access to your data, you must treat the event as more than an outage: it is also a potential breach of every piece of personal information entrusted to you for safekeeping.

There is no guarantee the attackers will honor their promise to restore your access. Even when they do, you have no verifiable assurance that the criminals who encrypted your files did not first take a copy to use for further crimes, including selling your data to other criminals; a promise to delete stolen data cannot be checked. It is also possible the attackers altered or corrupted your data, intentionally or through flaws in their malware, leaving you with more time and expense to repair it, if repair is even possible.

Avoid Becoming a Punching Bag.

The moment you pay a ransom, you tell your attackers that you roll over easily. Even if they promise never to attack you again, that is a pledge from an anonymous, untrustworthy criminal. Attackers like easy targets, and paying only encourages more of the same behavior.

Your payment is a green light for attackers to hit your systems again, or to sell the access they gained to other criminals who will launch further ransomware attacks against your network. Every ransom paid also funds and encourages more attacks on other businesses. It is a vicious cycle that refusing to pay helps to break.

Paying Ransom Supports Bad Actors and Is Potentially Illegal.

Decision-makers must recognize that paying a ransom is ethically questionable and potentially illegal: if the recipient is a sanctioned person or entity, the payment itself can violate US sanctions law. Ransom proceeds fund not only criminal gangs but also sanctioned nation-states such as North Korea.

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory on Potential Sanctions Risks for Facilitating Ransomware Payments. It includes this chilling statement:

“Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations.”

The Federal Bureau of Investigation (FBI) has also weighed in with its stance on making ransom payments to cyber criminals holding a company's data hostage.

The following Public Service Announcement from the FBI is critical information:

“The FBI does not advocate paying a ransom, in part because it does not guarantee an organization will regain access to its data. In some cases, victims who paid a ransom were never provided with decryption keys. In addition, due to flaws in the encryption algorithms of certain malware variants, victims may not be able to recover some or all of their data even with a valid decryption key.

Paying ransoms emboldens criminals to target other organizations and provides an alluring and lucrative enterprise to other criminals. However, the FBI understands that when businesses are faced with an inability to function, executives will evaluate all options to protect their shareholders, employees, and customers.

Regardless of whether you or your organization have decided to pay the ransom, the FBI urges you to report ransomware incidents to law enforcement. Doing so provides investigators with the critical information they need to track ransomware attackers, hold them accountable under US law, and prevent future attacks.”

What to Do?

Deciding you are too busy right now, or hoping it won't happen here, is exactly what attackers count on for easy access to your data. Recovering from a ransomware attack is a huge expense and a significant disruption, and you also have legal and ethical responsibilities to everyone whose personal data you store on your network.

Our best advice comes from experts in cybercrime and ransomware response. Harden your systems with up-to-date endpoint protection and intrusion detection. Then audit your environment to identify weaknesses, and train your employees to be vigilant and to stop the risky habits that create cracks in your network security, such as reusing passwords or opening unexpected attachments.

Most importantly, ensure your IT department keeps current backups, stores at least one copy offline or otherwise out of reach of an attacker who has compromised your network, and tests restores regularly, so you know you can recover clean data if your systems are compromised. A backup that has never been restored is an assumption, not a safeguard.
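What "testing a backup" means in practice, as an added example that is not part of the original post and not the agency's own tooling: record a manifest of file hashes while the data is known-good, keep the manifest separate from the backup, and compare a test restore against it. The directory layout, file names and tampered scenario below are constructed for illustration.

```python
"""Verify that a restored backup matches the data it was supposed to protect.

Added example, not the original post's or the agency's code. Idea: hash every
file when the backup is taken, store the manifest separately from the backup,
and compare a test restore against it. Files that were already encrypted,
deleted or planted by an intruder before the backup ran then show up as
modified/missing/extra during a drill instead of during a real recovery.
"""
import hashlib
import shutil
import tempfile
from pathlib import Path

CHUNK_SIZE = 1 << 16  # read in 64 KiB chunks so large files are not loaded whole


def sha256_file(path: Path) -> str:
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK_SIZE), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict[str, str]:
    """Map each regular file under root (as a POSIX relative path) to its SHA-256."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify_restore(manifest: dict[str, str], restored: Path) -> dict[str, list[str]]:
    """Compare a restored tree against the manifest taken at backup time.

    missing  - in the manifest but absent from the restore (deleted, or never backed up)
    modified - present but with different content (e.g. encrypted before the backup ran)
    extra    - not in the manifest (e.g. ransom notes or *.locked copies)
    A clean restore returns three empty lists.
    """
    current = build_manifest(restored)
    return {
        "missing": sorted(set(manifest) - set(current)),
        "modified": sorted(p for p in manifest if p in current and current[p] != manifest[p]),
        "extra": sorted(set(current) - set(manifest)),
    }


def demo(tampered: bool) -> dict[str, list[str]]:
    """Constructed scenario (sample data in a temp directory, not real files).

    tampered=False: the restore is an exact copy of the source, so verification passes.
    tampered=True:  one file was encrypted, one deleted and a ransom note dropped before
                    the backup job ran, so the restore fails verification.
    """
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp, "data")
        (src / "finance").mkdir(parents=True)
        (src / "finance" / "ledger.csv").write_bytes(b"date,amount\n2024-01-01,100\n")
        (src / "readme.txt").write_bytes(b"internal notes\n")
        manifest = build_manifest(src)  # taken while the data was known-good

        restored = Path(tmp, "restore")
        if tampered:
            (restored / "finance").mkdir(parents=True)
            # ledger.csv was encrypted in place, readme.txt was deleted, a note was left.
            (restored / "finance" / "ledger.csv").write_bytes(b"\x8a\x1f encrypted garbage \x00\xff")
            (restored / "README_TO_DECRYPT.txt").write_bytes(b"pay us\n")
        else:
            shutil.copytree(src, restored)
        return verify_restore(manifest, restored)


if __name__ == "__main__":
    for label, tampered in (("clean restore", False), ("tampered restore", True)):
        report = demo(tampered)
        status = "OK" if not any(report.values()) else "FAILED"
        print(f"{label}: {status} {report}")
```

Run it as a scheduled job against a test restore of yesterday's backup; a non-empty `modified` list on a restore is the earliest warning that encryption started before the backup ran, which is exactly the case where paying or not paying becomes the only remaining choice.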

At the Dickstein Associates Agency, we are eager to help you obtain protection through a comprehensive NJ Cyber Insurance program designed to help your organization recover after a ransomware attack or data breach. You get more than financial support to correct the damage: we also assist with the legal and regulatory headaches that follow an incident, and more.

About Dickstein Associates Agency

Dickstein Associates Agency has distinguished itself as a leading provider of personal and business insurance in the tri-state area since 1965. We pride ourselves on being advocates for our clients and providing them with quality, affordable coverage. As a Trusted Choice™ independent insurance agency, we partner with various national and regional carriers, allowing flexible coverage for each client's unique circumstances. For more information on how to make all your insurance work best for you, and how we can secure the best insurance in the marketplace for your specific needs and business objectives, contact us today at (800) 862-6662 or www.dicksteininsurance.com.
