Further to the discussion as to whether people or organizations should pay up when hit by ransomware…
- The hardline security maven view is usually that they shouldn’t because it encourages the proliferation of ransomware attacks.
- A softer view (more or less mine) is that you can’t blame people – especially individuals – for not sacrificing their treasured photos, documents etc. for a principle. But we hear of organizations assuming that it’s cheaper to pay the ransom than it is to protect data properly. If so, not only are they adding to the problem, but they’re making an unsafe assumption: that paying the ransom will get their data back.
Sometimes, we’re told that ransomware operators will ‘return’ the data because not to do so may damage their ‘business model.’ And there’s something in that. However, the operators don’t always return the data. Sometimes they just can’t, through some technical issue or incompetence. Sometimes they just don’t bother.
Judging from a survey report from Kaspersky, it seems the number of times that payment doesn’t result in the release of the data may be higher than we think. The report states that:
17% of people online have faced a ransomware threat, with 6% becoming infected as a result. One-in-five users that pay a ransom don’t get their files back