Connect with us

Guide

Inside The Delicate Art of Ransomware Negotiations

Published

on

Ransomware Negotiations

Ransomware is a type of malware designed to hijack an infected device (laptop, desktop, smartphone) and block user access to anything stored on it. The malicious software impacts companies and individuals equally and doesn’t choose its victims. If it can get in, it will block access to your device and ask for payment to unblock it.

For instance, on the list of organizations hit by ransomware, you can find the Colonial Pipeline (attacked in May 2021), the Colorado Department of Transportation and the Port of San Diego (both hit in 2018), FedEx, Nissan, and Renault (2017).

Of course, these are only some of the most prominent examples, but these types of attacks happen on a daily basis and disturb businesses and people’s lives all over the world.

So how do you deal with this type of attack? Do you pay the ransom and hope for the best?

Ransomware Negotiations

Payment is Not Always the Answer

While victims can file complaints and reports with their local police authority and even the FBI, the action is often futile when it comes to regaining access to your files. In fact, even the FBI says that the best solution is to learn how to keep your data safe online and never get entangled in such a messy situation.

For instance, in the Colonial Pipeline case, the company had to pay about $5 million to get a tool that would decrypt their files, which then put the system in motion again. And they had the FBI’s support and cybersecurity specialists of the highest caliber on their side.

So should you pay? Well, the authorities are vehemently against it, but it’s not illegal to pay a ransom (yet, anyway).

On the other hand, there are cases when the ransom was paid, and the cybercriminal didn’t send the description tool or key. And there’s nothing the victim or anyone else can do except wipe the hard drive and start over.

Therefore, the more we learn about this cyber-attack method, the better prepared we will be for such a grim scenario. On http://ransomware.org/, you can find everything you need to know about ransomware.

You’re Never Safe

This message may be uncomfortable and downright scary for any business or individual out there. And that’s because there’s no way to be 100% safe from ransomware, or other cyberattacks, as long as you use technology and connect to the internet.

Now, depending on the type of ransomware that hits your organization and your defense system, there may be ways to recover the data without paying the ransom. However, if this is a time-sensitive matter, it’s best to negotiate with the cyber attacker and find a way to make sure they’ll send over the encryption key once you make the payment.

And the best way to stay out of trouble is to learn how to avoid online scams and build a strong security system. This often means extra financial and human resources, but it is worth it.

For instance, the Colonial Pipeline system was vulnerable before the attack because the company didn’t implement two-factor authentication. In other cases, a hacker was able to get in due to one weak password.

Also, the human factor is the weakest link in the cybersecurity chain, which is why many security experts urge companies to train their employees.

Wrap Up

Ransomware is one of the digital plagues of our world, and we’re not yet able to see the light at the end of the tunnel. So prevention remains the best method of protection for both individuals and companies. However, if you ever become a victim, it helps to know how the system works and what you can do.

Disclosure: If we like a product or service, we might refer them to our readers via an affiliate link, which means we may receive a referral commission from the sale if you buy the product that we recommended, read more about that in our affiliate disclosure.