Why you should be prepared to pay a ransom

Mike Tyson used to say, “Everyone has a plan until they get punched in the face.” It’s much the same with ransomware attacks: No matter how much you insist that of course you’d never pay a ransom, your plans go out the window the first time you see all your organization’s computers showing that “You’ve been hacked” screen.

The truth is that organizations are increasingly paying ransoms to recover their data. In fact, 70% of businesses hit by ransomware attacks wind up forking over thousands of dollars to their attackers. Even local governments have paid ransoms to regain access to vital services. No matter how much we tell one another that we’d do things differently, the reality is that when your data disappears and you start losing clients or missing deadlines, you’ll pay virtually any price to put things right.

Rather than virtue-signaling with a blanket “We never pay” statement, organizations need to be realistic about the specific circumstances in which they’d pay a ransom. If you’re a hospital and people will die if you don’t get your computers back online STAT — yes, it’s better to pay up. If you’re in a less critical field, and it’s just a question of waiting around while your backups come online, maybe you can ride it out without paying.

But either way, it’s important to be honest — with yourself, your C-suite, your directors, and other stakeholders — about how you’d respond to a successful ransomware attack. When you’re clear and pragmatic about the circumstances in which you’d pay a ransom, you can make more meaningful plans. That starts with including the cost of ransom payments — and for the fines you’ll have to pay if you give cash to cybercriminals — in your IT budget. Your CEO might not enjoy budgeting for Bitcoin transfers to hackers, but it’s better to plan ahead than to be blindsided by unanticipated costs.

To read the complete article, visit Dark Reading.