FBI to ransomware victims: Just pay up

The FBI recently weighed in on the prevalence of malware attacks against users and companies. And their advice was essentially: You’re probably better off just paying the attackers. 

This flies in the face of what a lot of companies consider to be best-practice. The thought is that if you pay the ransom:

  • there’s no guarantee you’ll actually get the files unlocked by the attacker
  • it incentivizes other attackers to get in on the game, and
  • once you’re outed as a willing payer, it opens the door to future attacks or higher ransom demands.

But Security Ledger’s Paul Roberts reports that may not be how the FBI sees things. He covered a presentation by Assistant Special Agent in Charge of the FBI’s CYBER and Counterintelligence Program Joseph Bonavolonta at the Cyber Security Summit 2015.

Bonavolonta said the most common advice is, “The easiest thing may be to just pay the ransom.”

The logic behind that advice? The ransomware is usually good enough to evade decryption, and most attackers will decrypt your files true to their word, Bonavolonta said.

Playing Whack-A-Mole

Ransomware strains come and go. One will be decrypted, and another will pop up.

It’s a trend that’s not likely to be reversed as long as ransomware’s still a profitable enterprise.

One crucial step is to prepare yourself for the possibility a ransomware attack could hit your systems or one of your users. Companies should prepare to decide:

  • whether they’ll give in to ransomware demands (and if so, at what cost)
  • how to arrive at such decisions, and
  • who should be informed of that decision.

However, more importantly, it’s crucial to keep backups of all critical documents and data – preferably off-site and protected by redundant defenses.

Doing so could make the difference between a minor inconvenience and reams of stolen data.
