“Whenever I am asked what kind of writing is the most lucrative, I have to say, a ransom note.”
– H.N. Swanson, literary agent
Swanson has been a literary agent for famous American writers such as F. Scott Fitzgerald way back when, but this quote is as relevant today as it was then.
83% of businesses that received a ransom note in 2021 paid the ransom.
What’s more, the number of companies that suffered from this type of attack is on the rise. 2021 was the peak year of said attacks, with 68.5% of companies worldwide admitting they are victims of ransomware attacks.
Nowadays, it’s easy to infect devices and send ransom notes in order to get someone’s private information. Even the most inexperienced cybercriminals can find and recreate techniques and methods hackers have used in the past to breach systems.
Ransom tools such as Ransomware as Service also enable cybercriminals to purchase access to malware and use them despite having little to no hacking skills.
What should you do if you get a ransom note, why do so many companies give in to hackers’ demands, and is there a way to prevent ransomware?
Let’s dive in and find out.
Can You Prevent Ransomware?
With ransomware, it’s important to secure access to your sensitive information. Having software that deletes password-stealing malware from your device and creating a safe network to store your data is a promising start.
Ransomware is the type of malware (malicious virus) that hackers use to infect your device and steal passwords or sensitive data. Once they’re in your system or have data they could leak, they have leverage when demanding ransom.
Considering that ransomware is a virus, this means that you can install software that scans, detects, and removes it from your device like any other virus.
Besides anti-virus software and the firewall that you already use to protect your devices, invest in ransomware protection solutions like Check Point that can fend off more sophisticated hacking attempts.
Pro tip: Make regular backups of the most important and sensitive files. Also, separate them from open networks so that they cannot be accessed by hackers.
Why Do Most Companies Pay the Ransom?
Cybercriminals who demand ransom have sensitive information they can use to threaten businesses and individuals. Organizations don’t want to be associated with negative press and thus try to sweep these attacks under the rug.
Clients and customers are scared of hearing that their information has been leaked in the latest data breach and might switch to competitors.
The other side of the coin is financial damage that can put a company out of business. Ransom might come with a hefty price tag, but the recovery period during which organizations need to patch up their security often costs even more.
To avoid the financial consequences and damage to their reputation, companies buckle under pressure and quickly reach for their crypto wallets.
Even the higher caliber companies pay the ransom. For example, after the Colonial pipeline attack, one of the major ransomware cases that occurred last year, the company had paid the Russian hackers within a day of the attack.
Why it isn’t a Good Idea to Pay Ransom
Paying the ransom never guarantees that the attack won’t happen again, all the data that has been stolen will be recovered, or that cybercriminals will keep their end of the deal.
After you pay up, you can’t control whether hackers will hold onto your sensitive information anyway. They could leak it later or use it to get into your system again.
Every ransomware attack is different because it drastically depends on the cybercriminal’s hacking ability and intentions.
For example, they might take control of your entire system and lock you out of the network until you pay the price.
In other cases, the information they get their hands on can be limited to a couple of files that are enough to demand ransom. This might include sensitive and confidential information about your patients or customers.
Some hackers do it for financial gain. For others, it might be a personal attack in which competitors hire someone to damage your company or even to build up their hacking reputation.
What Should You Do if You Get a Ransom Note?
Since ransomware is a criminal activity (source – BBC), you have to contact law enforcement and report the crime. If you pay the ransom, authorities can perceive that as funding a criminal activity — which is illegal.
The ransom note puts a lot of pressure on companies to pay and businesses don’t want to lose the trust of their employees and users. Paying up seems like a quick solution to the problem, but it’s not a guarantee because you just can’t trust cybercriminals – they’re criminals after all.
If you receive one of these notes, you can file a report to the FBI and wait for their team to contact you for further action.
They have extensive experience with common types of cybercrime and can advise you and possibly find the criminal responsible for the attack.
As you wait for their response, make sure to run an antivirus program to detect and remove malware on your computer.
More than half of businesses worldwide have been victims of ransom attacks. Therefore, it’s highly likely that, sooner or later, you’ll be a victim either as an individual or company.
Paying the ransom is illegal. After all, it contributes to the issue as it finances further criminal activity. So, it’s best to not succumb to pressure and contact the law enforcement that already has protocols and solutions in place for dealing with this kind of issue.
To ensure a best-case scenario, you should have preventive measures in place that decrease the chance of an attack. Start with the protection software that can remove the ransomware and create a separate space to store your client’s important data.
You never know when hackers will strike or, if you’ve already been a victim, when will they attack again.