Negotiating with Ransomware Gangs
2020-09-30 11:19

For now, it seems that paying ransomware, while obviously risky and empowering/encouraging ransomware attackers, can perhaps be comported so as not to break any laws, and even if payment is arguably unlawful, it seems unlikely to be prosecuted.

Payment is the least costly option; payment is in the best interest of stakeholders; payment can avoid being fined for losing important data; payment means not losing highly confidential information; and payment may mean not going public with the data breach.

Payment does not guarantee that the right encryption keys with the proper decryption algorithms will be provided; payment further funds additional criminal pursuits of the attacker, enabling a cycle of ransomware crime; payment can do damage to a corporate brand; payment may not stop the ransomware attacker from returning; if victims stopped making ransomware payments, the ransomware revenue stream would stop and ransomware attackers would have to move on to perpetrating another scheme; and using Bitcoin to pay a ransomware attacker can put organizations at risk.

When confronted with a ransomware attack, the options all seem bleak.

The only guarantees during a ransomware attack are the fear, uncertainty and dread inevitably experienced by the victim.


News URL

https://www.schneier.com/blog/archives/2020/09/negotiating-with-ransomware-gangs.html