Why Pay Ransom When You Can Avoid it

While cybercrimes worldwide have escalated following the shift to remote work because of the coronavirus pandemic, ransomware attacks skyrocketed by 148% in March, as per VMware Carbon Black threat researchers. 

What are some recent attacks?

Just within the last few days, we witnessed numerous high-profile attacks affecting various sectors.

  • Last week, the Sodinokibi ransomware operators allegedly siphoned off a 756 GB data dump of legal documents from Grubman Shire Meiselas & Sacks (GSMLaw), demanding $21 million.
  • Elexon, a UK power grid middleman, suffered a potential ransomware attack impacting its internal IT systems.
  • A cyberattack struck the Australia-based BlueScope Steel, impacting its production systems company-wide. It is believed to be a ransomware incident caused by one or more employees opening malware-laced email attachments.
  • Magellan Health Inc, a Fortune 500 company, disclosed identity theft in a ransomware attack from one of its corporate servers in the last month.
  • The notorious Maze ransomware attacked Pitney Bowes, the US-based mailing technology firm. The attackers had shared screenshots, indicating leaked employee information, sensitive financial, and customer data.
  • A ransomware attack at the Office of Court Administration (OCA), Texas, knocked off its servers and websites offline.
  • Nefilim ransomware claimed to have stolen over 800 GB of personnel and financial data from the oil and gas firm, W&T Offshore Inc.

Ransomware payment means double the cost

A recent report from Sophos, a UK-based security firm, revealed that organizations paying a ransom to the cybercriminals may end up doubling the overall cost of recovery.

  • In the last 12 months, 51% of organizations faced at least one ransomware attack.
  • According to the report, the average cost of addressing the impact of a ransomware attack was more than $730,000.
  • However, the average cost rose to $1.4 million when organizations decided to pay the ransom.
  • That too when only 27% of organizations admitted paying the ransom.

Does ransomware payment help?

The FBI straightaway clears its position saying no person or organization should ever pay the ransom. But, what can a victim organization do to prevent the data loss and downtime, which threatens the sustainability of an organization?

  • In the second week of April, Travelex, a London-based foreign currency exchange, paid a ransomware gang $2.3 million in bitcoin to regain access to its global network.
  • In the law firm hack, the group has doubled its ransom amount to $42 million, claiming to have critical information on President Trump. The group also announced that they received a $365,000 amount related to its attack on the law firm.

Considering they are not trustworthy actors, there isn't any guarantee of data recovery or receiving a decryptor. According to the study, overall 94% of victims get their data back, with or without ransom.

Conclusion

According to the Sophos report, 56% of IT managers were able to recover their data from backups without any negotiation with hackers. Attacks may not be inevitable but one can always be prepared to protect their data and system at such times. The only way to avoid paying a ransom is to pay for cybersecurity readiness.