Cyber Attack: Should Your Clients Pay Ransoms?

Cyber Attack: Should Your Clients Pay Ransoms?

Ransomware is a type of malware that attacks a computer, encrypting data and demanding a ransom payment to release the files. When an organization’s data is attacked in this way, hackers give the option to pay up and receive an encryption key or lose the data forever. Research shows that a business is attacked by ransomware every 11 seconds. This common and growing crime has resulted in nearly $1 billion in annual ransom payments. All organizations in every industry are at risk of becoming victims to cyber hackers. Once they do, they face a very difficult decision: should you pay ransomware demands?

Why You Should Not Pay

The FBI advises ransomware victims to refrain from paying the ransom for the following reasons.

  • The hackers are criminals, after all. Therefore, they may not release the stolen information, even if they received payment for it.
  • The business may be seen as an easy target after paying the ransom and could become a more frequent victim of future attacks.
  • Even if the encryption key is provided after payment, it may not work. In addition, there could be additional malware hidden for a later attack.
  • If the attacker is operating from a sanctioned country, paying the ransom may be illegal under U.S. law.

Why You Should Pay

What happens if you pay the ransom? Some recent trends suggest that paying the ransom may be a good idea. 

  • Sometimes, the cost of recovery exceeds the amount of the ransom. In May, Baltimore was attacked with ransomware that blocked access to government systems. The city refused to pay the demand of $76,000. After two months of struggling, the attack is estimated to cost over $18.2 million in lost revenue and restoration costs.
  • If the threatened release of files could do irreparable damage to the company’s reputation, the company may decide the risk is not worth it.
  • Most hackers, ironically, behave honorably when restoring the data after receiving a ransom payment. These cybercriminals need businesses to trust that they will get their data back for their ransom demands effectively. 

Your Best Move

The best move is to obtain cyber insurance and adopt a comprehensive cyber security program that will help the business avoid falling victim to a ransomware attack. Ultimately, if a company is attacked, whether to pay ransomware depends on whether the business can withstand the hit. Variables to consider are the nature of the attack, the nature of the business, and the nature of the risk. 

When a ransomware attack victimizes a company, it feels as if there is no good solution. However, the best choice for the organization is to create a quality security infrastructure to avoid becoming a victim in the first place.

About Connected Risk Solutions

At Connected Risk Solutions, we provide our agent partners with bold solutions for comprehensive insurance and risk management that are unmatched in the industry. We have market connections and collective decades of industry experience, including deep specialization in healthcare liability and managed care E&O, cyber and tech liability, management and professional liability, as well as captive management and risk management. We strive to develop creative solutions no other wholesaler can match and to help our agent partners give their clients the ability to achieve continued growth while simultaneously protecting against loss.

Our specialists, located in offices throughout the country, are responsive and engaged. To learn more, connect with us.

Table of Contents

Related Posts:
ConnectedRisk_HealthcareReform
Healthcare Reform and Its Impact on the Insurance Industry
The healthcare landscape is continually changing, and healthcare reform is a critical driver of change....
ConnectedRisk_SeniorCare
Looking at the Advancements in Senior Care
Senior care has undergone some extraneous advancements, and there are budding reasons for optimism. Now,...
ConnectedRisk_HealthcareStaffing
The Latest About Healthcare Staffing
The healthcare staffing industry is going through some changes as things fluctuate on the backend of...