6 Reasons Not to Pay Ransomware Attackers
Paying a ransom might appear to be the best option, but it comes with its own costs.
March 17, 2022
Victims of ransomware attacks face the excruciating choice of either paying off their attackers or risking considerable disruption in attempting to restore encrypted data on their own or — as is often the case — with the help of an incident response firm.
Numerous studies have shown that most victims prefer paying a ransom either because they don't have proper data backups or because they view it as a less expensive and less risky option compared to not paying. In a survey that ThycoticCentrify conducted last year, for instance, 83% of ransomware victims said they had no choice but to pay a ransom to get back access to their data, and more than 90% said they had allocated a special budget for fighting ransomware threats.
There are many who perceive making a ransom payment as a necessary evil because of the enormous financial damage that can result otherwise. Sixty-six percent of 1,263 respondents in a Cybereason survey reported substantial revenue losses as the direct result of a ransomware attack. Most of it stemmed from disruptions to business processes, system downtime and the resources require to restore systems. These costs can mushroom the longer an organization takes to recover from an attack, which is why many ransomware victims find it preferable to just pay off their attackers.
But is that a good idea — and does it really work? Here are six reasons, according to security experts, why paying a ransom may not be the best idea.
About the Author(s)
You May Also Like
Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024