Opinion: Why we shouldn't reward cybercriminals
Anyone who watches TV crime dramas knows you shouldn't really pay ransom when somebody gets kidnapped. Instead, you use the lure of the payoff to trap bad guys.
But why are so many , , — — willing to pay cybercriminals? It seems ludicrous.
So, when I was going through my Twitter feed recently and caught a snippet of Kaspersky Lab researcher talking about this recent Passcode opinion piece on ransomware, I was astonished.
It turns out that some network administrators will pay ransoms even when their companies have perfectly serviceable data backups. Mind blown.
Yes, ransomware is a big deal. The malware that encrypts data until victims pay up is And it turns out lots of people give in to the criminals' demands. For instance, a hospital in California to unlock its data.
To be sure, it's a tough decision whether to pay or risk losing data. But paying should never, ever be the first, second, or even third option.
There's something wrong if the working assumption is that businesses, organizations, or individuals just pay without working on a solution to recover the data on their own — or just decide they are going to live without those pictures, files, and documents.
And anyone with viable backups should greet cybercriminals' ransom demands with a smug scoff, and then quickly restore affected files.
Here's the thing: Data is lost all the time. It's an unfortunate consequence of relying on computers for everything we do. For instance, we all know someone who was 99 pages into a 100-page dissertation when his or her hard drive took a dirt nap. It's a horrible, tragic story that gets played out time and again at home and in businesses around the world.
And yet, catastrophic failure doesn't really figure into our mental threat models. Things are just supposed to work. Forever.
But data loss and corruption happen. Ransomware is one type of corruption. So, there's no excuse for not preparing for it. Even system administrators who live under rocks have heard of ransomware by now, and they should know that having a good backup is an easy way of protecting against this threat.
I realize that even the may be the only way for some individuals and businesses to retrieve their locked data. But, officially, here's what FBI Cyber Division Assistant Director James Trainor says: "Paying a ransom not only emboldens current cybercriminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals."
I couldn't agree more.
Imagine if some random person came up and shot you in the leg and then offered to remove the bullet for a small fee. Would you pay them? What are the odds that they would safely and successfully remove the bullet and any other shrapnel the first time around? What's more, you'd be rewarding a criminal and proving that you're an easy target for repeat attacks.
If you are reading this article and you haven't backed up your data, stop what you're doing and find a way to protect your most valuable information. Backups are critical not just because of ransomware, but because software, computers, and people aren't perfect. Our mistakes result in lost data all the time.
And paying crooks to fix damage that they caused should never be the default option.
Lysa Myers is a security researcher at ESET. Follow her.