Ransomware Special Reports

You’ve been hacked – so what’s the plan? By Nicole Deslandes

rules help fund their next attack on an unsuspecting victim,” states Jason Illingworth, principal analyst at IT security service firm NormCyber. It’s true that paying the ransom does not guarantee the return of stolen data, and in the worst-case scenario, organisations will simply be out of pocket, on top of being shut out of their systems. Even when the keys are handed back, it may still take a long time to recover systems. “Look at Ireland’s health service that was hit by Conti – the team there were still attempting to recover from a cyber attack six weeks in, even with the decryption keys,” notes Paul Baird, CTSO UK at Qualys. To add insult to injury, data regula - tors may dole out fines that could

range up to hundreds of thousands of pounds. As part of a bid to crackdown on ransomware operators, there’s an ongoing debate as to whether it should be illegal for businesses or an individual to pay a ransom – or at the minimum, to make it mandatory to report ransomware payments to the authorities – something that the Australian government is currently considering. Meanwhile in the UK, the govern- ment’s intelligence arm GCHQ and its data protection watchdog ICO joined forces with the Law Society this sum - mer to launch a campaign to actively discourage lawyers from advising their clients to pay out. Yet, despite the advice and the pitfalls

So, they’re in. The data’s been hi - jacked, and systems are on lockdown. But don’t worry, you can get it all back. For a price. ‘Don’t pay!’ plead the cyber security experts and law enforcement, but with your business at risk, you face a dilemma: backups might not work and paying could be cheaper than recovery. Now the devil is on one shoulder and the angel is on the other, the quan - dary of whether to pay or not starts to weigh in. The hackers have made their demands – usually payment in the form of cryptocurrency – but do you pay? Show me the money “Ransomware is a criminal enterprise, where those who play by the hackers’

techinformed.com

Powered by