To pay or not to pay ransomware: A cost-benefit analysis of paying the ransom

My advice: sort out your basic cyber hygiene and make sure you have an effective backup/restore process for critical systems. Then you have the luxury of thumbing your nose at ransomware criminals…:

[…] Most law enforcement agencies discourage cooperating with cybercriminals and suggest only paying the ransom when you have exhausted all other options. As the FBI says:

“There are serious risks to consider before paying the ransom. [The United States Government] does not encourage paying a ransom to criminal actors. However, after systems have been compromised, whether to pay a ransom is a serious decision, requiring the evaluation of all options to protect shareholders, employees, and customers.”

That doesn’t necessarily mean that you should never pay the ransom, but it does highlight the importance of conducting a cost-benefit analysis before making your decision.

It might make sense to pay the ransom if:

  • You are unable to restore your system from backups.
  • You cannot retrieve your files using a free ransomware decryption tool.
  • The encrypted data is absolutely vital.
  • The downtime will severely impact your business, clients and other stakeholders.

As a general rule of thumb, you should only pay the ransom as an absolute last resort, and only when you truly cannot afford to lose the data.
