To pay or not to pay. That’s the dilemma when you fall victim to a ransomware attack. By paying ransom, you unwittingly help their business grow, and you don’t even have the guarantee that a simple ransomware attack won’t develop into a long-term case of long-term extortion.
But what happens when lives are at stake? According to recent FBI statements, ransomware now targets hospitals, schools, law enforcement agencies and governments. Even though there is no guarantee that the decryption code will be delivered to the victim, some institutions are so desperate to regain their information that they would pay most any amount.
A user who refuses to pay ransom has few options to recover the data. And if they’re dealing with a more recent version of ransomware such as Cryptowall, there’s no way to decrypt the files without making the payment.
Law enforcement representatives are focusing on destroying the ransomware business model and urge users to not pay ransom, even at the risk of losing sensitive information.
“By paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals,” FBI Cyber Division Assistant Director James Trainor warns
Trainer assures internet users that the Bureau is actively collaborating with local and international organizations to build the best strategy against malware.
Deciding whether to pay ransom or try to recover the files by oneself is never easy, because both come with risks. If the ransom is paid, the decryption key might not be delivered or, worse, the hacker could keep some proprietary information to eventually extort more money from the victim.
The success of restoring a backup or formating the device depends on the type of ransomware, yet the user will most likely lose the encrypted files. Should you ever fall victim to ransomware, you can directly reach out to the FBI’s Internet Crime Complaint Center. To avoid infection in the future, never open attachments from questionable sources, don’t click on URLs that seem fake, and make sure your security software is up to date.