The following post was featured on TechTarget SearchSecurity earlier this week. We are sharing it because many clients have asked us this hypothetical question, in the hope that the day never comes when they have to know the answer. Thankfully, they are working with us and have a sound Data Backup and Recovery Plan in place. Read on for an insightful piece we hope you will never need to reference:

“Our organization is developing a short policy statement to deal with future ransomware outbreaks. However, a key point we disagree on internally is that some people believe it’s okay to pay a ransom for data depending on the cost/value equation, while others think paying the ransom is like negotiating with a terrorist and should just never be done. What approach should we take?”

Ransomware is surreptitious software that overtly takes control of a computer’s hard drive and encrypts it. It holds the information hostage until a ransom is paid for release of the decryption key. Payment of the ransom is often made in bitcoin, which is anonymous and untraceable. The ransom can be — and typically is — paid if the information or computer taken hostage is critical to the operation of a business or victim. The underlying question is how this could have happened and what recourse is available. On June 5, 2014, Cisco foretold of a rash of ransomware attacks and this is starting to come to pass.

Companies that fall victim to ransomware and wind up paying the ransom tend to have either poor backups or insufficient controls; or, if both are working effectively but the company still succumbs to a more sophisticated attack, there are greater concerns regarding reputational or financial risks if the incident goes public.

Should a company pay ransom for information or computers taken hostage? Ethically speaking, the answer is no. But in a practical sense, given the criticality of the asset, it might have to. If not paying the ransom has an adverse effect on a business’ viability, then there are few choices. If the organization can accept a loss in business, then the ransom should not be paid and attention should be focused on preventing reoccurrence.

There are several steps organizations can take to prepare for a ransomware attack, including backing up critical data daily, running incrementals to make the backup process less cumbersome and time-consuming, ensuring strong network security, verifying and periodically testing malware detection and application controls, and deploying comprehensive monitoring processes to detect unauthorized access attempts and unknown or unexpected changes in environments. The key is to have sufficient controls and recovery processes in place to render a hostage situation merely an inconvenience and not a critical business threat.
