Well, that proposition just got a whole lot riskier within the past few weeks given Kansas Heart Hospital’s experience. Following a successful attack, the hospital initially decided to pay the requested ransom to unlock its data — only to be hit with a follow-up ransom demand after a partial set of its files were decrypted by the criminals who delivered the malware.
This tale certainly blows a hole in the “honor among thieves” notion that has been bandied about with regard to ransom payments. The claim has been that, should you be between a rock and a hard place and agree to pay, the cyber criminals will honor your ransom and restore access to your files. This is a highly risky place to put your money or your faith; beyond the fact that ransomware authors are extortionists, there is always a chance that poor programming could destroy data entirely, meaning that no amount of ransom will bring it back.
If it wasn’t clear before, it should be crystal clear now: Considering ransom payment as your back-up plan (or, heaven help you, your only plan) is akin to playing Russian roulette with your network and your data. Planning ahead is the only viable option for protecting against data loss. You must have secure, regular, and reliable backup systems in place; you need to actively address known vulnerabilities; and you should teach your users how to recognize, avoid, and report phishing attacks, which will help you reduce risks associated with ransomware and other cyber security threats.
Subscribe to the Proofpoint Blog