Ransomware: Should businesses pay up?

Adriene Hill May 16, 2017
Share Now on:
HTML EMBED:
COPY
An IT researchers shows on a giant screen a computer infected by a ransomware. DAMIEN MEYER/AFP/Getty Images

Ransomware: Should businesses pay up?

Adriene Hill May 16, 2017
An IT researchers shows on a giant screen a computer infected by a ransomware. DAMIEN MEYER/AFP/Getty Images
Share Now on:
HTML EMBED:
COPY

Hackers have reportedly stolen an upcoming Disney movie and are holding it for ransom. Deadline reported it’s the new “Pirates of the Caribbean” film. Combine that with the broader ransomware attack WannaCry, which disrupted businesses around the world, and it got us wondering: When does it make sense to pay out?

“Never, ever, ever give in to ransomware,” said Liviu Arsene, a threat analyst at BitDefender. “If you give in once, probably hackers will come in again and again, and try to extort money from you. Once there’s blood in the water, definitely sharks will come.”

And no one wants sharks. That “don’t pay up” advice is what you’re going to hear from law enforcement. And it’s advice that a lot of experts are going to give in a situation like Disney’s: Don’t negotiate with terrorists. But Stu Sjouwerman, from the cybersecurity training firm KnowBe4, said when hackers have locked up your data, it’s not always cut and dry.

“It’s a business decision,” Sjouwerman said. There’s a fate — potentially worse — than those circling sharks.

“If you find that your backups failed, and you find that you’ve lost months of work, which would potentially even shut you down as an organization, it’s a no-brainer to pay the ransom,” Sjouwerman said. “And many people do.”

The government says ransomware costs businesses millions of dollars each year. Simon Crosby, from the security firm Bromium, agreed that there’s a time and place an organization might have to considering paying, but it shouldn’t come to that. A company should have everything properly backed up.

“If they don’t have backups, then I’d slap them around a few times and say, ‘Why not?’” Crosby said.

There may be lot of businesses out there in need of that sharp reminder.

As a nonprofit news organization, our future depends on listeners like you who believe in the power of public service journalism.

Your investment in Marketplace helps us remain paywall-free and ensures everyone has access to trustworthy, unbiased news and information, regardless of their ability to pay.

Donate today — in any amount — to become a Marketplace Investor. Now more than ever, your commitment makes a difference.