For cybercriminals, ransomware is a sustainable and profitable business model, and it puts any enterprise that relies on technology at risk. In many circumstances, paying the ransom is easier and less expensive than recovering from backup. Supporting the business model of the attackers, however, will just result in more ransomware.
Over the past two years, ransomware attacks have skyrocketed. According to the 2021 RTF report Combating Ransomware, the amount paid by victims grew by more than 300 percent in 2020, totalling almost USD 350 million. The spike in attacks can be attributed to a number of variables, including increased usage of remote networks, threat actors becoming more sophisticated in their hacking techniques, and the introduction of cryptocurrency, which makes ransom payments more convenient.
The recent crippling Colonial Pipeline attack highlights the devastation that ransomware can cause. As a result, when confronted with a ransomware attack, businesses are often inclined to follow Colonial’s lead and pay the ransom. Failure to do so will only exacerbate the negative impact on customers, the damage to brand reputation, and the other issues that come with this scenario. Despite the temptation to give in and pay the ransom, cybersecurity experts advise against it.
Businesses can’t be certain they will get their data back
Paying the ransom is a gamble, not a guarantee. When companies pay the ransom, hackers are under no obligation to do anything. They can easily take the money and abscond because payments are often made anonymously via cryptocurrency transactions.
This merely adds insult to injury for companies. The hackers are clearly victorious, and the company is left with the embarrassment of paying a fee and receiving nothing in return. Ransomware poses a threat to all businesses, and those who pay the ransom run the risk of throwing their money down the drain.
Paying the hackers only encourages them to carry out more attacks
When businesses pay a hacker a ransom in the aftermath of a ransomware attack, they are simply funding the hacker's operations and encouraging the hacker to carry on with criminal activities against other businesses.
Hacking groups can use the funds to build ever more complex techniques of infiltrating vulnerable businesses of all kinds using malware. By paying the ransom, companies are merely contributing to the spread of ransomware.
On the other hand, the more difficulties that hackers face in their criminal activities, the less likely they are to be able to continue harming other businesses.
Paying puts a target on the back of a company
When companies pay the ransom, they become a target for other criminals. By paying, they are signalling to the hackers that the hackers have won and that the attack was successful. As a result, the company is more likely to be the target of a second attack.
Furthermore, if a second attack occurs, the hackers are likely to demand a larger sum of money the next time. If hackers know a company will pay up, they will continue to attack it in the hopes of receiving additional ransom payments.
Finally, it’s vital to remember that the company may be attacked by a different group each time. Hackers may sell corporate data to other groups. Alternatively, simply publicising a successful attack can make the company a target for other hacker groups.