
Criminals are now giving options with their ransomware.

Unpacking your choices in the face of cyber extortion.

Arthur Gaplanyan


Imagine your business is the latest target of a ransomware attack, with all your critical data now under the control of cybercriminals who are demanding a hefty ransom to release it.

It feels like you’re stuck between a rock and a hard place, especially when you realize that paying up isn’t something you can afford.

But then, just like a slippery salesman with a “too-good-to-be-true” offer, these digital extortionists offer a way to extend your payment deadline.

Research shows that ransomware groups are getting more inventive with their tactics. Not their technical breaching tactics, but rather their psychological swindling tactics.

One group has begun offering victims payment options with their ransom demands. These options include paying to delay the publication of stolen data for a “low cost” of $10,000 or, alternatively, paying to have all the stolen data deleted before it’s made public.

These ransom amounts aren’t fixed; they’re up for negotiation, adding an extra layer of intimidation to the entire scenario.

Note that both of the prior options were set with time limits. This simple fact dials up the pressure, and to drive the point home the criminals have added statistical dashboards to their websites. It’s quite a horrifying sight to see, complete with countdown timers ticking away the seconds until your data’s potential release, counters for all who have seen your data, and tags that expose your identity and details to the world.

Panic set in yet?

Most likely yes, since it’s all a tactic designed to corner and coerce you into meeting their demands.

Hold on a minute though. Before you even think about paying that ransom to safeguard your business data, realize that it’s never a good move.


Here’s why paying a ransom is a bad idea:

Handing over the money doesn’t ensure the safe return of your data. They might take the money and run.

It also doesn’t mean that their demands will stop there. Once they know you will pay, they could ask for more.

Even if they give you your data back, that doesn’t mean it is safe. They still have a copy of it, and they might sell it on the dark web anyway to get a second paycheck out of the deal.

That data of yours might be used against you for future attacks. These attacks could be against you again, or even your customers or vendors.

By paying the ransom, you’re inadvertently supporting criminal activities, potentially encouraging them to target more businesses just like yours.

To add insult to injury, succumbing to their demands might also potentially land you in hot water legally. I’m no lawyer so can’t comment on the specific details, but my overall understanding is that in the United States it is generally not illegal to pay a ransom, at least in Los Angeles it isn’t. However, the payment of a ransom is considered a transaction, and funding terror groups or embargoed countries is illegal. So, if push really came to shove, Uncle Sam could potentially hit you with fines.

So, what’s a business owner to do?


Here’s a game plan to avoid becoming the next victim of ransomware:

  • Make sure you have a backup and disaster recovery solution in place. This is more than “backup”. It’s a full system that ensures not only that your data is backed up but also that it is tested for viability, and it includes a way to recover quickly. Data does you no good if it takes you 2 weeks or more to get it back. Business continuity is vital.
  • Educate your team on the dangers of ransomware and train them to spot phishing attempts and dubious links. This isn’t a one-time event; it should be ongoing. Remember that the majority of breaches come from unsuspecting employees clicking links in malicious emails.
  • Invest in top-notch cybersecurity tools and keep them updated. You should have advanced email security and 24/7 detection and response monitoring for your entire network and devices.
  • Stay on top of all system and software updates to close security gaps. This is one of the simplest steps, yet it gets overlooked continuously. Don’t fall prey just because an update was inconvenient.
  • Divide your network into segments to contain any potential ransomware spread. This goes double for secondary devices like phones and smart devices (which are notoriously bad with security).
  • Have a clear incident response plan so you and your team know exactly what to do if there is a security event.

Remember, caving in to ransom demands rarely, if ever, solves the problem. Instead, focusing on proactive solutions can help keep your business safe.