Ransomware recovery goes beyond data loss for enterprises

Search Security, August 4, 2017

When faced with a ransomware situation, enterprises just want the problem to go away as fast as possible. Paying the ransom can seem like the quickest way to get back to normal. But there are many ramifications to consider that might not immediately come to mind in the throes of panic.

Additional prices you might pay if you cave to paying ransom after a ransomware attack:

  • You could pay the money, but may not actually get your data back
  • By paying, you’re ID’d in the hacker world as a willing payer for next time
  • If it gets out publicly that you paid, you’re branded as such, and possibly viewed as not having had good data backups in place to bail yourself out of the situation (even if you did)
  • Insurance companies might start treating caving to ransom demands as a reason to avoid paying out on insurance claims

But taking the so-called higher road and not paying ransom could still mean you pay a plenty high (and probably even higher) price in downtime alone. Even if you have a structured backup plan, that doesn’t make it easy and fast to implement. If your backups are encrypted, that presents an even more time-consuming process for getting back up and running. Meanwhile, your employees are stuck in an unproductive mode of waiting.

Willy Leichter, vice president of marketing at Virsec in San Jose, Calif., says paying a ransom is never the solution. "Even if you pay a ransom, you have no guarantees that your data will be returned and that the infiltration isn't still active in your networks. In fact, you're tagging yourself as a willing target who will inevitably be hit again," Leichter told SearchSecurity. "A robust system of backups is by far the best defense against a ransom, but it doesn't insulate you from potential lawsuits or compliance violations if data is lost. If your networks have been compromised, you have risk."

Companies like FedEx and Merck, who’ve been victimized by ransomware, are still recovering, months after the fact. It’s a business nightmare that can’t be overstated. Chances are, they’re taking steps as part of their recovery to ensure they never have to face such a situation again. They know the hard way, and the rest of us still have a chance to prove the old adage that “an ounce of prevention is worth a pound (read, a ton) of cure.”
