BTC $55865.7639
ETH $3222.4858
BNB $400.6682
SOL $110.6842
XRP $0.5548
ADA $0.6230
AVAX $39.2767
DOGE $0.0896
TRX $0.1404
wstETH $3751.1765
LINK $19.0474
DOT $8.0594
WETH $3236.9354
MATIC $1.0625
UNI $10.5983
WBTC $55965.3668
IMX $3.3901
ICP $13.0143
BCH $300.6764
LTC $74.8911
CAKE $3.2355
FIL $8.1517
ETC $28.1561
RNDR $7.4096
KAS $0.1718
DAI $0.9979
HBAR $0.1117
ATOM $11.3293
VET $0.0491
INJ $36.5642
TON $2.1072
OKB $51.3395
LDO $3.5443
FDUSD $1.0015
STX $3.0723
ARB $1.9162
NEAR $4.0168
XMR $131.7677
TIA $17.0755
XLM $0.1186
GRT $0.2823
ENS $22.2643
THETA $2.1117
MKR $2155.4331
WEMIX $2.1023
APEX $2.4575
BEAM $0.0357
BTC $55865.7639
ETH $3222.4858
BNB $400.6682
SOL $110.6842
XRP $0.5548
ADA $0.6230
AVAX $39.2767
DOGE $0.0896
TRX $0.1404
wstETH $3751.1765
LINK $19.0474
DOT $8.0594
WETH $3236.9354
MATIC $1.0625
UNI $10.5983
WBTC $55965.3668
IMX $3.3901
ICP $13.0143
BCH $300.6764
LTC $74.8911
CAKE $3.2355
FIL $8.1517
ETC $28.1561
RNDR $7.4096
KAS $0.1718
DAI $0.9979
HBAR $0.1117
ATOM $11.3293
VET $0.0491
INJ $36.5642
TON $2.1072
OKB $51.3395
LDO $3.5443
FDUSD $1.0015
STX $3.0723
ARB $1.9162
NEAR $4.0168
XMR $131.7677
TIA $17.0755
XLM $0.1186
GRT $0.2823
ENS $22.2643
THETA $2.1117
MKR $2155.4331
WEMIX $2.1023
APEX $2.4575
BEAM $0.0357
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • To pay or not to pay - that is the question

    What should be considered by companies that are faced with ransomware?

    As ransomware attacks become more common and sophisticated, the decision to pay or not pay a ransom becomes more difficult.

    It is difficult to know for sure what proportion of ransomware victims worldwide transfer money to hackers. Some reports for 2021 put this figure at around two-thirds of the time.

    Paying the ransom can often seem like the most reasonable way to solve a problem. However, it is critical to consider the potential impact and long-term impact on the business. For example, there is no guarantee that the payment of a ransom will compensate for the damage caused. Also, the payout can incentivize attackers to new attacks if they see a willingness to meet their demands.

    In many cases, the cost of the buyout is only a fraction of the costs incurred by the company. At the same time, according to various studies, the total cost of mitigating the consequences of an attack is on average seven times higher than the amount of the requested ransom.

    If the attacker is intentionally intimidating the victim company and wants to undermine its economy, paying a ransom is probably not the best solution. This rule is especially relevant for incidents involving geopolitical risks. In addition, state organizations are more likely to adhere to the policy of non-payment of ransom, whatever the threats of hackers.

    The overall damage of an attack usually depends on several aspects at once - the cost of the ransom, reputational damage, and regulatory fines. When it comes to data loss, the risk largely depends on the confidentiality of this very data. For example, simple email addresses and the names of customers or company employees are much less valuable to attackers than identity cards, passport copies, or medical records.

    And if attackers understand the importance of the data they hold, they are likely to demand a higher ransom. For example, one report from IBM indicates that data breaches in the healthcare industry are estimated by hackers to be about twice as expensive as breaches in other industries.

    Regardless of whether the company decides to pay or not pay the ransom, the victim company will have to negotiate with the attackers. Experts advise hiring a professional negotiator who knows what to say and what not to say. A professional also has a better understanding of what tactics to use. Proper negotiation can help buy time and understand who carried out the attack, what information was stolen, and what the criminals are pursuing.

    The decision not to pay the ransom may seem right at first, but this may change as the victim learns more about the circumstances of the attack. An incorrect form of communication with hackers can provoke them to break off negotiations and put the victim in an awkward reputational position through public statements.

    Over the years, various countries have considered banning ransom payments. For example, following the recent cyberattacks on Medibank and Optus, Australian Home Secretary Claire O'Neill said the Australian government would consider making ransom payments illegal. But what if the cost of paying the ransom is less than the damage that inaction causes? Then such a law can only make matters worse.

    Despite the ever-changing nature of ransomware attacks and the varying motives of attackers, the human element of effectively negotiating remains the key to a solution. Successful negotiations with attackers are critical to the potential damage to the victim company.

    Companies should always evaluate all the advantages and disadvantages of paying a ransom, as well as explore possible alternatives. Ultimately, the company's finances and reputation are at stake, so any decision must be balanced. And it is worth taking it only after a thorough analysis of all possible risks.

    And in order not to have to solve such complex issues, you can prepare "still on the shore." For example, conduct regular security tours with company employees and talk about the tricks that scammers usually use. This will greatly increase the chances of avoiding compromising the company's networks even if attackers resort to social engineering and other types of deception.

    Author DeepWeb
    New framework for post-exploitation Exfiltrator-22 from the creators of LockBit
    Parallax RAT attacks cryptocurrency companies with sophisticated malware injection techniques

    Comments 0

    Add comment