There is No Value in Paying a Ransom

We all know at this point how dangerous ransomware can be for businesses. It can lock down files, threaten operational continuity, and in some cases subject victims to brutal fines as a result of privacy breaches. One place where you might not expect ransomware to hit, however, is customer reviews, and it all stems from the big question: do you pay to resolve a ransomware attack or not?

The obvious answer is “no,” you shouldn’t pay to get rid of a ransomware problem, even if you think that it’s your only option. Rest assured, it is far from the only way to solve your issues. Paying up creates serious problems for your business, some of which you may not have considered. We generally advocate that businesses should never pay the ransom because it 1) Rewards the downright deplorable behavior of hackers, 2) There’s no guarantee that you will get your data back in the first place, and 3) You are funding future ransomware attacks against other businesses like yourself. We like to recommend that businesses have data backup solutions in place on the off-chance that a ransomware attack rears its ugly head, but you should always, and we mean always, contact a trusted IT professional before taking any action in ransomware care.

But again, the point we want to make is that you should never pay the ransom, even if it feels like your only option. In fact, it could put your business’ customer base at risk, and not in the way that you might expect. It turns out people don’t really like to work with companies that are struck by ransomware, but even worse, they don’t like to work with companies that pay criminals for the safe return of their files.

Backing this claim up are the results of a survey by data management firm Cohesity. The study asked 1,000 consumers in the United States about their thoughts regarding ransomware. Some of the most concerning numbers have to do with companies that not only are struck by ransomware, but those that also pay the ransom. Here are some statistics:

• 55% of respondents said they would lose confidence in a company or organization if they are impacted by ransomware.
• 54% of respondents claim they would lose confidence in a company if their personal data were breached.
• 29% of respondents claim they would lose confidence in a company if the breach led to any inconvenience on their part.
• 23% of respondents would lose confidence in businesses that pay the ransom.
• 22% of respondents would cease doing business with any organization that pays the ransom.

So, there you have it. Not only are you risking your business’s data, but you are also risking the public’s perception of your business if you fail to protect your company from ransomware. Even if you don’t think ransomware can strike your company, it is better to be safe than sorry.

Don’t let ransomware hold your business hostage; take the appropriate preventative measures now to keep ransomware from crippling your business in the future. k_Street Consulting, LLC can assist with implementing any and all security measures your business needs to minimize the chances of a ransomware infection. To learn more, reach out to us at (202) 640-2737.