Ransomware: Is It Smart to Pay the Ransom Note | Total Security Software

Ransomware is causing a stir around the world. In 2018 alone, ransomware attacks cost companies over $ 8 billion. By disguising the payments via Bitcoin transactions, a ransomware industry of its own is literally developing in the darknet.

In the darknet, ransomware is now even offered as a service. With such a " Crime as a Service ", for example, a basic ransomware package starts at USD 120 per month. While the general recommendation from the Federal Office for Information Security (BSI for short) is not to pay such a ransom demand, the question arises for many companies whether it is not wiser not to do so anyway.

What Is Ransomware?

Ransomware (from English ransom for "ransom") describes malware that prevents those affected from accessing their computers or documents. This is usually achieved by locking the computer, encrypting documents, or the entire system.

To regain access to the blocked content, a ransom note is then shown on the screen, often in the digital currency bitcoin (BTC for short). In the event of payment, it is promised to regain unrestricted access to this content.

A detailed description can be found in the article  “What is ransomware?”.

What Types of Ransomware Are There?

In general, one can differentiate between two types of ransomware. One type that blocks the browser or the operating the system, as well as the second, much more dangerous type, which encrypts content on the computer or an entire network.

How Can I Get Infected with Ransomware?

Depending on the technology, there are different methods of spreading ransomware. These include, among other things: E-mails, compromised websites, untrustworthy software, social networks, or sometimes just an Internet connection with an inadequate firewall. In most cases, action by the user is required, but dangerous ransomware variants can infect various systems without user intervention. Even seemingly harmless software from trustworthy sources such as Google advertising can point to ransomware.

Is It Legal to Make a Ransomware Claim?

Even if the encryption and the subsequent ransom extortion is a criminal offense, paying the claim is legal.

Important: If personal data are involved be, is mostly still a DSGVO -Verletzung before, which is why a specialist should be consulted for data security in any case.

Is It Ethically Correct To Pay Ransomware?

Not legal does not necessarily mean that an action is also ethically justifiable. In general, however, it can be said that in some interpretations of ethics “good” means that a decision predominantly leads to an advantage for the community.

For example, if a security-critical computer in a hospital is infected with ransomware and paying the ransom can save patients or patient data, payment is entirely appropriate.

When It Makes Sense, to Pay a Ransomware?

There are important boundary conditions to be considered for this question. At first, a ransom demand of several thousand euros (which is not uncommon with ransomware) appears very high. Nevertheless, in some cases, ransomware can significantly affect business operations and cause enormous financial damage. Especially when important documents or central computers are involved. For example, if a production line is idle for several days or weeks due to ransomware, it can make sense to pay the ransom note to minimize the disruption.

To determine the overall damage that ransomware can cause in a specific incident, the following cost factors should be clarified :

§  Downtime

§  Personnel costs

§  necessary restoration services

§  legal consequences (GDPR)

§  Reputation damage

§  IT security improvements

What Happens when A Ransomware Is Paid?

In some cases, paying a ransom note can make sense, but the process is not without risk. Generally, cybercriminals promise unlocking or decryption. Often the system is then actually unlocked or decrypted again and the person concerned has full access to his system or his data again. However, the following risks must be considered:

§  There may still be back doors in the system for the attacker, which will be exploited again in the future.

§  Due to errors in the programming of the encryption, the data of the person concerned are only partially restored

§  The key with which the content is to be restored does not exist or is invalid, which is why the data cannot be restored despite payment

Conclusion

In isolated cases, it can actually make sense to pay the ransom note. Especially when the encrypted content is of great value and its loss causes significantly greater financial or emotional damage and thus justifies the possibility of recovery. However, it should not be forgotten to report the case and initiate criminal proceedings. In any case, experts should be consulted.

Pro Tips: To keep your data free from ransomware attacks, you need advanced protection. Try Protegent Total Security Software and leave it for the rest.