SecureWorld News

Ransomware: Pay It or Fight It?

Written by SecureWorld News Team | Thu | Nov 8, 2018 | 3:15 PM Z

Should you pay the ransom if you get hit with ransomware?

Or should you refuse to pay hackers? 

The answer is apparently yes. To both of these questions.

That is based solely on what's been revealed over the past week.

Police advise paying the hackers a ransom 

Ransomware example number one comes from the town of West Haven, Connecticut. During the early morning hours on October 16, 2018, a ransomware attack spread across the city's network and encrypted 23 servers.

The city says it determined the attack came from outside the U.S. and consulted its IT manager and the Connecticut State Police.

"Mayor Rossi, Mr. Richards and our police IT experts determined the best course of action, given all the available information, was to pay a one-time fee of $2,000 to unlock servers. The money was paid in digital currency. The data restoration of a critical system occurred shortly after the completion of that transaction."

To most people, that "one-time fee" is called a ransom. Interesting how the city made it sound like a simple business transaction.

Also, calling it "one-time" is also questionable. We have reported on hackers on the Dark Web selling information on ransomware victims who are willing to pay.

Call it lead generation, Dark Web style.

Read the city's full explanation of its decision to pay the ransom at WTNH-TV.

'Look hackers in the eye', we will not pay the ransom

Ransomware example number two comes from a water utility in the Carolinas, in the middle of recovering from a hurricane when ransomware spread across its network on Saturday, October 7, 2018.

The utility company's CEO told its staff they would not fund more crime.

"Do you bow your head, weakly, and say we'll pay you and risk another attack? Or do you look 'em in the eye and say we're Americans, we're North Carolinians, and by golly, we'll survive this too. That's what we say. That's what we're telling the cybercriminals and the world."

Read the ransomware statement from the utility, or watch the Facebook Live announcement:

Both of these cases are simply illustrations of the tensions involved in the ransomware debate.

And they point to something else: a lack of un-corrupted data backups at too many organizations.

This can force your hand, despite your best intentions.

That's exactly what happened to Roseburg, Oregon, public schools this year, according to The News-Review, after the school district said the FBI advised not paying the ransom:

“We exhausted all efforts to avoid paying the requested ransom out of concern that more damage could be caused; however, the experts ultimately determined that the solution was worth the risk,” Roseburg Public Schools Superintendent Gerry Washburn said in the statement. “The costs associated with attempting to decrypt the sophisticated software code were prohibitive, and we wanted to get back to focusing on our students’ educational experiences.”

That certainly taught hackers a lesson, didn't it? Keep going after targets because even those who don't want to pay may do so anyway.

Cha-ching.