Should your company pay cybercriminals after a ransomware attack? It depends.

September 13, 2024

Some experts from negotiation firms offer their perspectives on the thorny question of whether to pay ransom. Business Insider reports:

Cybercriminals stealing important data and holding it for ransom can be a company’s worst nightmare.

Instances of ransomware, a type of malicious software that holds sensitive data hostage until a victim pays the attacker, are becoming more common. The security firm Mandiant, a Google subsidiary, said it found a 75% increase in posts on data-leak sites from 2022 to 2023.

Some companies choose to pay cybercriminals, and others don’t. MGM and Boeing reportedly declined to pay millions of dollars that hackers sought after data breaches. The software firm CDK Global likely paid $25 million when it was attacked, and the casino operator Caesars reportedly paid $15 million.

“The position we generally take is that if you don’t need to pay ransom, you should not pay ransom,” said Mark Lance, the vice president of digital forensics and incident response and threat intelligence at GuidePoint Security, which helps organizations negotiate ransomware. “We do not recommend funding a criminal organization or making a payment if it’s unnecessary.”

But he said companies may decide to pay up for a variety of reasons.

Read more at Business Insider.