Avoid Paying Digital Ransom in Case of Ransomware Attacks

“It’s not worth paying”, says Reiner Dresbach of Cybereason in his commentary on ransom demands after ransomware attacks.

Perhaps you recently heard about one of the few ransomware attacks with a good outcome: Maastricht University is getting back the ransom it paid in a 2019 ransomware attack. Because the criminals' account, which has since been seized, held cryptocurrency, the university will now also receive Bitcoins, which are worth many times more than they were back then. However, this stroke of luck should not serve as a model for other institutions and companies to pay digital ransom demands. The following still applies: paying is not worth it.

Maastricht University aside, the figures speak for themselves. Our study “Ransomware: The True Cost to Business 2022” paints a completely different picture of ransomware attacks: a majority of companies (82 percent) that had paid a ransomware demand became victims of attackers again. And that is not all. More than half (63 percent) also had to pay more the second time than the first time they were attacked. A full 66 percent of respondents who were victims of ransomware a second time were targeted again by the same attackers.

Costs and benefits of ransomware

If that is not enough proof that you shouldn’t pay, take a look at the costs and benefits of ransomware: on average, respondents in Germany paid just under half a million euros in ransom. But only just under 30 percent of the companies that paid got their data and systems back without any problems. In the other 70 percent of cases, problems arose because some of the returned data was damaged or the data thieves’ encryption keys did not work properly. Given the high sums of money demanded, this is a risky gamble with poor prospects.

So, unless it is a matter of life and death, for example because vital and acutely necessary medical data is encrypted, companies should not respond to ransom demands from ransomware fraudsters. The money is much better spent on good backups and modern cyber security such as XDR solutions, which can quickly detect and fend off hackers across the network using AI and machine learning. Not only do you avoid the reputational damage that comes with successful hacks, you also show the attackers that their methods no longer succeed so easily, hopefully making them obsolete.

Reiner Dresbach Vice President Central at Cybereason