Cyberattacks: Is paying ransom the obvious way out in most cases?

Cybersecurity experts maintain that paying the ransom to cybercriminals is the obvious way out in several cases, especially for critical infrastructure companies and organisations that are below the security poverty line

Isola Moses | ConsumerConnect

Against the backdrop of recent malware attacks on the assets of individuals, groups, businesses, organisations and governments around the world, some cybersecurity experts have debated whether paying the ransom to cybercriminals can be justified given the rise in ransomware attacks in recent times.

“If we ban paying the ransom, cybercriminals will not scatter like cockroaches in the kitchen when the light is turned on. And anyhow, succumbing to the criminals’ demand is the best way out,” the CyberNews report said.

ConsumerConnect had reported that Colonial Pipeline in the US is one of many cyberattack victims that have chosen to pay a ransom demand.

It was noted at the time that the biggest American oil pipeline system paid $4.4 million in exchange for a decryption key to unlock its systems.

According to experts, paying the ransom is the obvious way out in many cases, especially for critical infrastructure companies and for organisations that are below the security poverty line, that is, those that cannot afford even baseline defences.

In 2020, according to Chainalysis, targets of ransomware attacks paid an estimated $350 million, up 311 percent from the previous year.

Among other questions put to cybersecurity industry stakeholders, some have asked: “When faced with a ransomware attack, what should victims do? Is paying the ransom really a viable solution?

“And are there any alternative methods of getting the precious data back?”

Prominent cybersecurity experts tried to answer those questions during an Institute for Security and Technology webinar, the report said.

To pay or not to pay?

While some contend that paying the ransom only fuels the ransomware ecosystem, the experts agreed that giving in to cybercriminals’ demands may sometimes be the only way for a business to avoid costly disruption, the shutdown of essential services, or the release of sensitive information.

Ari Schwartz, Managing Director of Cybersecurity Services and Policy at Venable, said: “A lot of times payment is the way to go.”

Schwartz argued that ransomware victims have a lot to weigh when making that decision.

A public company with shareholders has to think about fiscal responsibility, he said.

The insurer might be pushing the victim to pay, and the fear of losing or exposing data adds to the pressure, according to the report.

Jen Ellis, Vice-President of Community and Public Affairs at Rapid7, also noted that many organisations find themselves below the security poverty line.

For such organisations, Ellis suggested, failing to pay the ransom will most likely mean losing a business that has belonged to a family for generations.

Ellis further stated: “They really can’t afford a lot of defence and in-depth measures, and they lack the resources and capability.

“For them, a ransom incident can mean an end of the business. If you don’t pay, you have no recourse.”

For them, Ellis said, the choice to pay or not to pay is simply not there: “you have to pay because otherwise, you are saying goodbye to your businesses.”

Likewise, Josephine Wolff, Associate Professor of Cybersecurity Policy at the Fletcher School at Tufts University, agreed that paying is often the obvious choice.

Wolff added, however, that individual companies should not be blamed for the choices they make.

According to her, it is policymakers who are letting that situation persist.

Should ransom payments be forbidden?

Several governments have reportedly argued that ransom payments are fuelling the ransomware ecosystem.

The US Federal Bureau of Investigation (FBI) does not recommend paying the ransom, as there is no guarantee that the victim will get any data back, according to the report.

The Bureau also noted that paying encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.

However, legislators are not yet moving ahead with banning it.

The goal, all three experts agreed, should be to enact a prohibition on ransom payments eventually. But doing so too soon would do no good.

Ari Schwartz said: “If you look at the Colonial Pipeline case, people on the East Coast are not getting gas, and there are lines at the pumps, and then it’s illegal to pay, and we don’t have a solution for them. That’s problematic.”

Still, before prohibiting ransom payments, the experts agreed that stakeholders should have more control over what happens, make sure there are other solutions for victims to turn to, and perhaps allow some exemptions to the prohibition.

“If you do it tomorrow, we will all be in a lot of trouble,” Schwartz said.

Ellis likewise agreed that ransom payments should be prohibited eventually, but definitely not yet.

According to her, beyond people losing their businesses, there is also a chance that companies which choose to break the law and pay the ransom will end up in even more trouble.

She also believes that attackers will become more focused and target either critical infrastructure that has no tolerance for disruption, or companies below the security poverty line for whom a ransomware attack might simply mean the end of the business.

“The majority will stick to the law, and it will be devastating to the economy and them individually.

“But those who do consider going down that route and will make a payment, will put themselves in the pocket of an attacker.

“They’ve proven the willingness to pay and the ability to pay, and they’ve now made themselves indebted in terms of the attacker’s knowledge about them. That’s your new form of double extortion,” Ellis added.

In any case, a prohibition on ransom payments would not make cybercrime disappear, the report stated.
