Security News > 2021 > May > Is it really the Wild West in cybercrime? Why we need to re-examine our approach to ransomware
Colonial Pipeline CEO Joseph Blount later acknowledged that his company ultimately paid the cybercriminals $4.4 million to unlock company systems, generating a great deal of controversy around the simple question, of whether companies should pay when their systems are held hostage by ransomware.
Rather than debating what's ultimately a moral and ethical question that's been around since the dawn of humanity, the proper debate we should be having is about the critical role of technology at non-technology companies.
While companies with technology as their core business like Amazon, Facebook, Google and Microsoft have become household names, they're the exception in a sea of organizations that do everything from manufacturing cars to running hospitals to delivering fuel via pipelines.
A private company maintaining its own extensive network of armed security and special agents tracking criminals and assisting local sheriffs seems like a quaint historical relic, but that's exactly what we've asked most organizations to do today when it comes to cybercrime.
Ransomware attacks need to go from a whispered admission of implied guilt to a well-articulated criminal threat to civil society that merits an appropriate, state-sanctioned response.
Even if you're one of the few organizations where technology is the core business, just as we wouldn't expect Bank of America to round up an armed posse to hunt down criminals that robbed one of its branches, nor should we continue to expect companies to do the cyber equivalent.