It could be your worst nightmare. You turn on your PC only to discover that it has been hijacked by ransomware, which will decrypt your files only if you pay. Should you? What are the pros and cons of paying off cybercriminals?
It's a difficult problem, and one with many layers. You may need to pay a high ransom to regain access to your files. And then there is the problem of cryptocurrency, the preferred payment method of ransomware. If you are not yet a crypto investor, you might not know how to start setting up a Bitcoin account.
And do not forget: even if you pay, there is a good chance you will not regain access to your files anyway. There are also ethical questions about paying criminals. As any good economist will tell you, whatever behavior you reward, you will invariably get more of.
Taking the High Road
So, what should you do?
Raj Samani, Chief Scientist and McAfee Fellow: "Do not pay."
This is an easy position to hold when your files are not being held at virtual gunpoint, but it's probably the right call. There's a reason why the US has an official policy of not negotiating with terrorists, and giving in to ransom demands seems to encourage criminals.
[Image: The Wanna Cry ransomware]
"… Ransomware as a Service," says Sean Allan, a cybersecurity consultant who writes frequently about ransomware. Ransomware has developed into such a successful and lucrative business that hackers have packaged turnkey ransomware kits, so criminals with little (or no) technical experience can easily initiate their own ransomware attacks. According to Symantec's Internet Security Threat Report of 2019, the number of attacks increased 400 percent from 2017 to 2018. Much of this growth is likely due to the number of people and organizations who have paid the ransom.
Of course, not all experts take the high road. Todd Weller, Chief Security Officer of Bandura Cyber, had the following to say:
"The practical aspect of ransomware is that the cost of not paying the ransom is much higher than the cost of paying it. The logic is clear."
This is especially true if, for example, you are a health care administrator at one of the 16 hospitals that were affected by the Wanna Decryptor ransomware virus in 2017. You may have no choice but to pay. When a city agency is the victim, like the two cities in Florida that recently paid $1.1 million as a result of ransomware attacks, one could argue that no lives were at stake, so why double down on bad IT practices by rewarding criminals?
It's a bone of contention. For this article, I interviewed 30 cybersecurity experts and consultants, and a full third were unwilling to give a categorical "no" on whether or not you should pay. Instead, they turned only to questions about the lost files and to weighing the ransom cost against the value of the data. But Dror Liwer, founder of security firm Coronet, summed it up as follows: "The cybersecurity industry is saturated with consultants encouraging people to pay. Not only is this bad and lazy advice, it can also be harmful to others, as paying encourages attackers to return in the future."
What if you pay?
You might not decide whether to pay a ransom based on the better-angels argument. This is your data we are talking about. Either way, if you choose to make a payment, there is no guarantee that you will get your files back. Experts do not agree on the likelihood of recovery, but there is a fair chance that you will pay and either not receive the decryption key or receive a key that does not work.
"Criminals are not interested in customer service," jokes Marius Nel, CEO of technology consulting firm 360 Smart Networks.
In fact, there may not even be a decryption key for your ransomware variant. If you are somehow caught in the crossfire of a nation-state attack, or hit by a tool originally designed for attacks on states that has been repurposed for ordinary crime, there may not be a key at all.
"Nation-state attacks are designed to do harm, not blackmail," Nel said.
And do not forget (despite Robin Hood and the crew of Serenity) that there is relatively little honor among thieves.
"I personally saw incidents in which thousands of dollars were paid as a ransom to achieve a partial recovery, and then the criminals demanded more for a full recovery," said Don Baham, president of IT service company Kraft Technology Group.
Paying a ransom could also have consequences that affect you long after you get your files back. Some security analysts warn that victims who pay may be explicitly retargeted, because they are placed on a list of those who have demonstrated their willingness to pay. This is less of a concern for companies that can invest in resources to increase security after an attack, but individuals may not know that the ransomware has left behind a Trojan that can re-infect their system at a later date.
The Good News If You Do Not Pay
It could be argued that it is simply immoral to pay a ransom because the money can then be used to finance additional cyberattacks, terrorism and other illegal activities. However, you do not have to rely on the moral argument: there are also some good practical reasons why you should not pay.
First and foremost, being prepared for a malware attack is usually not particularly difficult. If you get things right, you should never get infected, or have to pay if you do.
"If you have the right protections like antivirus protection, updates, and excellent computer hygiene you should not be worried about being hit," said Charles Lobert, vice president of IT services firm Vision Computer Solutions.
If you are affected by ransomware, the good guys are better prepared than ever. No More Ransom, a collaborative project between McAfee and a handful of European law enforcement agencies with around 100 business and government partners, is a free service that lets you recover your files without making a payment.
"In the past, it felt a bit like Sophie's Choice, which, no matter what decision you made, would end badly," Samani said.
Now, if you're infected, you can go to the No More Ransom site and upload some encrypted sample files from your computer. If that ransomware family has been cracked, you can unlock your PC for free.
No More Ransom is not foolproof and not a guaranteed remedy. However, it offers the ability to unlock your computer without knowing how Bitcoin works.
Of course, if you can restore your files from a backup, this is always a better solution. Backups are critical because they protect you against data loss, including from ransomware and disk failures.