Since the city of Atlanta was hit by a ransomware attack that effectively crippled much of the public services in the city, we’ve been getting a lot of people asking – why didn’t they just pay the ransom?
Early reports suggest that the government of Atlanta did not pay the $51,000 ransom that was demanded in return for the encryption keys that would supposedly restore the affected systems. $51,000 does not seem like much in comparison to the estimated losses that the city suffered due to the attack, including officials being forced to work on old laptops and physical notes during the weeks that their digital systems were down. According to WSB-TV 2, the effects of this attack cost the city approximately $2.7 million in damages.
IT and security experts all around the world have been debating whether or not those affected would benefit from paying the ransom, and the answer is usually affected by numerous factors; including the complexity of IT infrastructure, sensitivity of affected data and many more. The differences of opinion continue to exist to this day. So, with that in mind, we’ll look at some pros and cons of making a ransomware payment.
The Pros of Paying the Ransom
In most cases, but certainly not all, you will be given the decryption key upon payment and be able to access your encrypted files and folders. Paying the ransom immediately upon request could potentially reduce the overall impact of the attack, as you can reduce any downtime and minimize disruptions to business processes. In some industries, prolonging the affected period of time by not paying the ransom could have serious consequences. For example, if a hospital is hit by ransomware and key patient information is encrypted, it could be devastatingly risky not to pay the ransom immediately.
The Cons of Paying the Ransom
Let’s be honest, no one is comfortable with having to pay money to criminals. Doing so, in a way, validates ransomware as an effective business. If attackers receive positive answers to their demands, then they will continue to believe that ransomware is a money-making enterprise. For many, not paying the ransom is an act of principle. Most security and IT experts agree that there would be no need to pay the ransom if proper data backups were taken regularly. If you had backups readily available, you could simply restore your affected files and folders form this instead of paying the attackers. Finally, as alluded to before, paying the ransom is never a guarantee that you will get your systems back. In many cases, after the ransom is paid, the attackers are never heard from again, or the payment is lost altogether.
So, What Should You Do?
We always recommend that you never pay the ransom. Simply because we are firm believers that it’s not difficult to prepare yourself for a ransomware attack. Many cost-effective solutions on the market help you detect and prevent the spread of ransomware in your environment. This, combined with regular backups, should mean that ransomware would be ineffective. It’s always better to be prepared than be in a situation where you have to decide whether to pay or not.