Ransomware is insidious, and it’s spreading. Statistically, you’re likely to have at least received a ransomware email, if not an actual attack, that has been blocked by your security software.
Sooner or later, there’s a chance that you will succumb to ransomware. Your data will be locked, encrypted so that even if you reformat your hard disk drive and use a data recovery tool, you’ll still be unable to open the files. The data is encrypted, and you don’t have the decryption key unless you give in to the scammer’s demands. You’ll soon feel the pressure to pay up. After all, how else will you retrieve those vital personal files?
We’ve looked previously at methods you can use to avoid, and overcome, ransomware infections. But what if your data is locked? Should you pay?
There’s a bit more to fixing a ransomware problem than paying the ransom — you need to know where the money is going.
Ransomware: It’s Coming for You
Before we look at the money, however, give this some thought. A massive 93% of phishing emails wield an active ransomware risk. So, not only are these messages trying to con you into giving up your vital personal information via a spoof website, they’re carrying a hidden threat as well. The link to the spoof website might also be the way in for ransomware.
Alternatively, it might have come via social media. Around 59% of ransomware attacks come via email. Let’s consider some more stats.
A worrying 50% of businesses have been hit by ransomware. If they paid up (40% of them do), that money came out of a budget that could have been used to give pay raises or expand operations. The average ransomware demand is $679 — and $209 million was paid up in the first quarter of 2016 alone. That’s almost a quarter of a billion dollars!
Ransomware is an industry. It’s time to pull the plug.
5 Reasons to Refuse the Ransom
There are so many reasons why you should refuse to pay the ransom. If you can rely on removal tools, then do so. If you have a backup, use that. But understand that paying up is not the answer.
1. Your Data Might Not Be Unlocked
According to FBI Cyber Division Assistant Director James Trainor, “Paying a ransom doesn’t guarantee an organization that it will get its data back — we’ve seen cases where organizations never got a decryption key after having paid the ransom.”
Think about that. These are people who would lock your PC — encrypt your data — for money. They’re already that low. Why would they stick to their side of the deal? Anyone who pays up and expects the decryption key is naive.
2. You’re Incentivizing Cyber Crime
If you pay the ransom, you’re encouraging cyber criminals to go further. Here’s Trainor again: “Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity.”
Ransomware-toting cybercriminals aren’t only targeting companies. Individuals are also targeted, on whatever device they’re using. In the twelve months between April 2015 and March 2016, security researchers and developers Kaspersky observed 136,532 ransomware attacks on Android users (no doubt the FBI ransomware attack was used). This was four times more than was recorded in the previous twelve-month period.
It’s simple: paying encourages the malware creators to continue producing more ransomware. The more people pay, the more ransomware is created: it’s supply and demand. Ransomware is growing, and becoming more cunning with every iteration.
Do you want to contribute to the ransomware success story? Of course not, so don’t pay up.
3. You Don’t Know Who You’re Paying
There’s always the very slim chance that the brains behind the ransomware, and the command server coordinating the attack, is a poverty-stricken student desperate for funds to complete his or her education.
But that’s not your problem. Your problem is the fact that you are being targeted by organized crime. Says Trainor: “by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”
4. No One Knows Where the Money Is Going…
…but we can guess. Ransomware is a disruptive attack that is hugely profitable for criminals. They’re not going to be putting that money into the bank. Most payments are by Bitcoin (what is Bitcoin?) or other cryptocurrency, and those credits must be spent somehow.
Other criminal endeavors and schemes seem the likely beneficiaries. The money you cough up for your data isn’t helping anyone to do anything benevolent. We’re talking about organizations with links to (if not control of) drug smuggling, people trafficking, and slavery.
5. Pay Up and You’re Theirs
“Never give a sucker an even break,” the old saying goes.
Criminals who spot a mark typically return to the victim again and again, with different schemes and scams designed to part you from your cash. If you’re willing to pay once, you’re likely to again. But what’s worse is this: next time, the price will almost certainly be higher. It might not be ransomware, either — it might be a scam to steal your identity. Don’t prescribe any notions of moral behavior to these people. They are criminals, they have no concern for your wellbeing, nor any consideration for your ideas about how civilized people should behave.
They just want to milk you dry. Pay up once, and you might as well just set up a direct monthly payment to the cyber criminals.
The only way we can stop ransomware is to stop playing their game. Cut off the supply of cash, and this scam will soon fold. Not paying is the way forward. Protecting your data before it can be encrypted should also be a part of your strategy, whether you’re a vast multinational corporation, a small or medium enterprise, a sole trader, or just an Average Joe (or Josephine) reading Facebook.
Have you been attacked by ransomware and paid the price? Did you get your data back? Tell us all about it in the comments.