If You Are a Victim of Ransomware, Should You Pay?

Bob Ulrich
Posted on April 13, 2017

If you are a victim of ransomware, what should you do? Here are some choices.

1. Pay the ransom.

2. Call law enforcement.

3. Not pay the ransom.

4. Follow 2 and 3.

There really is no right answer. The FBI strongly encourages victims to contact one of its local field offices or the U.S. Secret Service immediately in order to provide assistance when your business is blackmailed by cyber thieves. It also does not encourage payment of the ransom.

Here are the risks you face if you pay.

 * Paying the ransom does not guarantee access to your data once the ransom is paid.

* Paying the ransom opens the door to future attacks because the attackers know you will pay.

* After paying the ransom, some victims have been asked to pay even more to get the encryption keys.

* Paying ransom supports and encourages this illegal activity.

However, what if the information being held hostage is critical to your business? In addition, how much will downtime cost you? I compare this to companies that will settle out of court even if they are not guilty. They do so when they know the cost of trying to prove their innocence – with no guarantee of that -- would be much greater than settling.

It may be giving in to extortion, but it’s still a tough call.

I know of four dealers who dealt with ransomware recently. I talked to one in my “Beware of Ransomware” report in our April issue. He didn’t pay, but his new POS software system was less than two weeks old. He also didn’t call the authorities.

He was a little embarrassed. “You think you’re smart enough to run your business,” he told me.

The FBI says law enforcement “may be able to use legal authorities and tools that are unavailable to most organizations.” It can even enlist the assistance “of international law enforcement partners to locate the stolen or encrypted data or identify the perpetrator.”

If you experience a ransomware attack, I would suggest you give the FBI a call. Ransomware cost businesses at least $1 billion last year, and that doesn’t take into account unknown attacks where the business owner paid the ransom and moved on. It also doesn’t take into account downtime. $1 billion is a very conservative estimate that cybersecurity companies agree will increase dramatically in the next five years.

As for whether or not you should pay the ransom, that’s a tough call.

Related Topics: B.O.B., FBI, Ransomware

Bob Ulrich Editor
Comments ( 1 )
  • Ginny

     | about 10 months ago

    The best practice is to have excellent network protection and to your data backed up in several places, at least one of which is off site. That way, if you do get ransomware you can restore your data. I would never pay the ransom, as often times the attackers will supply you with a fake key to retrieve your data - that is if they provide you with anything at all.

More Stories
News

Goodyear Launches Tire Maintenance Program for Shared Mobility Services

Goodyear Tire & Rubber Co. is launching an advanced tire maintenance pilot program with STRATIM, a San Francisco-based startup whose technology platform tracks, monitors and oversees fleet maintenance for tens of thousands of vehicles operated by more than 50 mobility services in more than 25 markets across North America.

Matt Leeper from Falken Tire Corp. gave away this motorcycle to Ron Barlow from FTC Enterprises.
Photo

Photos: 2018 K&M Tire Dealer Conference

K&M Tire Inc. invited 1,000 people to the Chicago area for its 2018 Dealer Conference. There were educational sessions over the course of the day-and-a-half event, plus a trade show where tire suppliers gave away cash prizes, cars and motorcycles.

Atlantic Tire & Service has built a new store in Wake Forest. The 7,182-square-foot outlet is the dealership's fourth in North Carolina.
News

Atlantic Tire & Service Expands in North Carolina

Atlantic Tire & Service Inc. has opened its fourth store in North Carolina’s Triangle Region. The eight-bay outlet is located in Wake Forest. The dealership also has stores in Raleigh, Cary and Durham.

News

Ricky Benton Racing To Make MENCS Debut At Daytona

Ricky Benton Racing (RBR) Enterprises announced today that the team will be jumping to the Monster Energy NASCAR Cup Series (MENCS) for the season-opening Daytona 500 in February. David Gilliland has rejoined the team to pilot the No. 92 Black’s Tire and Auto Service/Carquest Auto Parts/Ford Fusion.

Be the First to Know

Get the latest news and most popular articles from MTD delivered straight to your inbox. Stay on top of the tire industry and don't miss a thing!