In the last few years there have been a lot of news articles and upsetting stories about companies and their websites ravaged by the ransomware trend. While the tactic isn’t exactly new, this type of encryption-based malware has become an alarmingly popular trend among the hacker communities that target both businesses and private computers. The oh-so-clever idea is not just to do damage like worms that simply delete files or spyware that silently steals data. Instead, hackers stand a chance to directly make a little (or a lot) of cash off their victims by holding their precious files hostage and demanding a crypto-currency ransom.
Chances are that you are already familiar with the basic attack procedure of today’s ransomware. First, it infects your web server or local computer in one of the usual routes. Perhaps a phishing email, an infected website, or even a direct hacker-led invasion of your firewall. But once it’s in, the ransomware starts its work encrypting every file on your computer. Sometimes, the program is even smart enough to spread to other computers on the same network and encrypt their files as well.
Once the files are encrypted, they are useless. Without the decryption key, there is no way to extract the files and rescue them even if you remove the hard drive from the infected computer. The idea behind ransomware is that, theoretically, if you pay the crypto-currency ransom that the software will then automatically decrypt the files and return them to a useful state.
The Myth of Successful Ransoms
Every IT professional worth their salt will tell you not to pay the ransom. But many companies get the wrong idea based on a few sensational news stories where recovering the data was simply not optional. The most prominent stories were whole hospitals or hospital departments held for ransom where patients were put into a life-or-death situation if their files could not be accessed. Without proper backups, the hospitals were forced to pay in order to recover vital medical records, software, and any potentially infected medical devices.
However, what business owners need to understand is that these hospital attacks are unique and organized cases where the victims were scouted, targeted, and expertly attacked. They are statistical anomalies. The vast majority of today’s ransomware attacks are actually automated chance encounters with malicious software. Infected emails, downloads, and websites are far more likely to trigger an everyday business ransomware attack than a live hacker enacting a plan for profit.
And in this environment of automated ransomware attacks, it’s vital to understand that you should never, ever pay the ransom. Why, you ask? Today we’re here to outline the five strongest reasons why paying the ransom is a very bad idea.
1) Hackers Can’t Be Trusted
First and foremost, it’s important to acknowledge that no one who chooses hacking as their avenue to profit can be trusted. These are not hard-working IT technicians writing quality software. They are people with limited and selective technical ability making use of fear, deception, and destruction in order to feel powerful and, very rarely, make a profit. Consider the traditional types of malware like adware which simply expands until it kills a computer’s processing ability with very little chance of actually selling anything on the ads. Or the Viagra email scams, or simple worms that mindlessly spread and delete everything they touch with no sense of gain for the original hacker who wrote the program.
Keep this in mind when reading the ransom message. Unlike ransoming a person, hackers have no reason to give your files back. They have nothing to gain from fulfilling their ‘promise’ to decrypt and don’t care a whit about your business or the integrity of your files. A ransomware attack is essentially a hit-and-run and you just can’t trust a hacker to do anything for you whether you pay them or not.
2) The Decryption Process May Not Work
Another important point to remember is that hackers are not traditionally very good at writing good software. Therefore, there is no guarantee that their ransomware will even work “as advertised”. If hackers were expert programmers, they could make many times what they generate with random ransomware attacks by working a real job in the high-demand IT industry.
The horror-movie idea of an expert hacker attacking your business for profit does exist out there somewhere, but most hackers are IT wash-outs with limited abilities and a malicious mindset. Even if they meant to recreate a working ransomware program or write their own, encryption is one of the most advanced forms of software programming and not everyone does it correctly. And malware has no auditing process to guarantee quality. Even if you do pay the ransom and the program is supposed to decrypt your files, it may simply fail to do so. And hacker tech support is an immediately laughable concept.
3) Not All “Ransomware” is Actually Encryption Software
But even worse than a failure to decrypt your files after you pay the ransom is the possibility that the ransomware is a complete fake. It’s easy to write a program that deletes or corrupts files and then delivers a ransom message in a new window. It’s much harder to actually write a program that successfully encrypts and then decrypts files on demand. Much less the files of an entire computer or connected network.
Rest assured, there are many hackers out there trying to make a few crypto-coins by simply pretending to distribute ransomware and collecting from businesses too naive to realize the truth. It is entirely possible that if you are the victim of a “ransomware” attack that the malware isn’t actually complex enough to encrypt or decrypt anything. Your files may just be gone. Or they might all still be in place untouched but merely threatened by an ominous message claiming to be ransomware.
4) Payment Encourages the Attacks
The next reason not to pay the ransom, if you can possibly avoid it, is that if even one hacker gets paid more will come out of the woodwork thinking this tactic is a good one to try. From the rare experts who write impressive and malicious encryption software to the fakers who just send threatening messages and hope for a payout, a ransomware hacker’s dream is to get free crypto-cash by manipulating the fears of businesses and individuals.
If there is any way to continue on without trusting, paying, and relying on a hacker to get your files back, that would be better than perpetuating the ransomware trend. Most businesses decide that it is far better to invest in good network security and backup recovery plans than to pay these fearmongering criminals.
5) Backup Recovery Means You Don’t Have to Pay
Finally, the best argument we have for never paying a malware ransom is that you probably don’t have to. A high-quality backup and recovery plan makes it possible to fully thumb your nose at any attempt to ransom your files because you have them backed up, compressed, and safely stored somewhere on the cloud where hackers cannot get to them.
Modern backup and recovery technology makes it possible to take a snapshot of all your important files or even your entire workstation and network configuration. Done correctly by professionals, you can now wipe your entire network to factory settings and then restore from your backups so that your office is back to smooth business as usual in no more than a few hours. With the right backups and expert recovery process, ransomware can do nothing more than slow you down for a single day. So there’s no point in worrying about paying the ransom, whether the threat is genuine, or whether the software really can return your files to their original state.
—
Don’t fall victim to a ransomware attack and never, ever, feel that you need to pay a hacker’s ransom. Contact us today for more insights on how to keep your company secure with best practices and strong software.
