8 questions to answer before paying a ransomware demand

Consider these factors before deciding to pay a ransom after a ransomware attack. Better yet, know where you stand before one hits you.

[Image: An encrypted system, held ransom with lock and chain, displays a dollar sign. Credit: Tomas Knopp / Getty Images]

Until the last few years, conventional wisdom said never to pay the ransom that ransomware criminals demanded, because it only encourages them. Despite those warnings, it was rumored that somewhere around 40% of all ransomware victims paid the ransom.

Now, it seems, many impacted companies have been paying the ransom, and the very few who didn’t probably wish they had. There is evidence that ransomware recovery companies who claim to help recover environments without paying the ransom are often paying the ransom and obtaining the decryption key in secret.

Who’s paying ransoms?

I spoke with John Mullen, of Mullen Coughlin, who has been involved with thousands of cybersecurity incident responses in his career. His firm handled over 1,200 privacy matters last year and will handle over 1,500 in 2019.

I asked Mullen if he’s seen that 40% figure go up recently. “It was never 40% or 50%. I don’t know where that number came from. It was always higher. Most companies pay the ransom when faced with the decision to pay or close down. They typically make the payment because they don’t have another valid continuing business option. Pay it or be out of business for days, weeks or longer.” Mullen adds that no one knows the actual percentage of companies that pay the ransoms, but he has “little doubt” it is rising.
