Letters: Paying up and paying out
[Re: Lawyers should stop telling clients to pay ransoms to hackers, UK watchdogs say]
The issue of paying ransoms to hackers is not as cut and dry as it appears in your article. Many businesses retrieve their stolen data through data backups and therefore do not pay a penny to the attackers. This illustrates the vital importance of having solid and secure backups.
However, paying out seems the only realistic option for companies without strong backups. Recent research found that only around 1 per cent of victims of ransomware who pay do not receive their data back. Nevertheless, there are always question marks over what the criminals would have already done with the data; in all likelihood, they will have copied it for further extortion.
Overall, paying out is not the answer to ransomware. By doing so, you risk funding other illicit activity, not to mention there is no guarantee that your files will be recovered. The key is transparency, reporting the incident and taking swift action to limit the damage. While paying out is not the answer and should never be encouraged, we should sympathise with businesses put into the position. It shows that being hypervigilant, monitoring your systems for vulnerabilities and minimising risk is so crucial in this modern hyper-connected world.
Oliver Pinson-Roxburgh