BTC $66157.0605
ETH $3160.9620
BNB $600.0523
SOL $153.7382
XRP $0.5487
stETH $3158.2980
DOGE $0.1576
TON $5.5645
ADA $0.5086
AVAX $38.3049
wstETH $3680.0518
WBTC $66253.4640
DOT $7.3621
WETH $3160.3315
TRX $0.1121
BCH $509.2779
LINK $15.3526
MATIC $0.7263
UNI $8.0690
ICP $14.6066
LTC $84.3899
DAI $0.9987
CAKE $2.9756
RNDR $9.0447
IMX $2.3823
STX $3.0517
NEAR $6.8843
ETC $27.8833
FDUSD $1.0002
MNT $1.1936
FIL $6.4625
TAO $503.6116
OKB $54.7164
HBAR $0.0881
VET $0.0418
KAS $0.1270
ATOM $8.7670
PEPE $0.0000
GRT $0.2943
WIF $2.7575
FET $2.4107
MKR $2818.4937
INJ $27.8130
USDE $0.9992
THETA $2.3518
XLM $0.1162
CORE $2.5749
BTC $66157.0605
ETH $3160.9620
BNB $600.0523
SOL $153.7382
XRP $0.5487
stETH $3158.2980
DOGE $0.1576
TON $5.5645
ADA $0.5086
AVAX $38.3049
wstETH $3680.0518
WBTC $66253.4640
DOT $7.3621
WETH $3160.3315
TRX $0.1121
BCH $509.2779
LINK $15.3526
MATIC $0.7263
UNI $8.0690
ICP $14.6066
LTC $84.3899
DAI $0.9987
CAKE $2.9756
RNDR $9.0447
IMX $2.3823
STX $3.0517
NEAR $6.8843
ETC $27.8833
FDUSD $1.0002
MNT $1.1936
FIL $6.4625
TAO $503.6116
OKB $54.7164
HBAR $0.0881
VET $0.0418
KAS $0.1270
ATOM $8.7670
PEPE $0.0000
GRT $0.2943
WIF $2.7575
FET $2.4107
MKR $2818.4937
INJ $27.8130
USDE $0.9992
THETA $2.3518
XLM $0.1162
CORE $2.5749
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • To pay or not to pay - that is the question

    What should be considered by companies that are faced with ransomware?

    As ransomware attacks become more common and sophisticated, the decision to pay or not pay a ransom becomes more difficult.

    It is difficult to know for sure what proportion of ransomware victims worldwide transfer money to hackers. Some reports for 2021 put this figure at around two-thirds of the time.

    Paying the ransom can often seem like the most reasonable way to solve a problem. However, it is critical to consider the potential impact and long-term impact on the business. For example, there is no guarantee that the payment of a ransom will compensate for the damage caused. Also, the payout can incentivize attackers to new attacks if they see a willingness to meet their demands.

    In many cases, the cost of the buyout is only a fraction of the costs incurred by the company. At the same time, according to various studies, the total cost of mitigating the consequences of an attack is on average seven times higher than the amount of the requested ransom.

    If the attacker is intentionally intimidating the victim company and wants to undermine its economy, paying a ransom is probably not the best solution. This rule is especially relevant for incidents involving geopolitical risks. In addition, state organizations are more likely to adhere to the policy of non-payment of ransom, whatever the threats of hackers.

    The overall damage of an attack usually depends on several aspects at once - the cost of the ransom, reputational damage, and regulatory fines. When it comes to data loss, the risk largely depends on the confidentiality of this very data. For example, simple email addresses and the names of customers or company employees are much less valuable to attackers than identity cards, passport copies, or medical records.

    And if attackers understand the importance of the data they hold, they are likely to demand a higher ransom. For example, one report from IBM indicates that data breaches in the healthcare industry are estimated by hackers to be about twice as expensive as breaches in other industries.

    Regardless of whether the company decides to pay or not pay the ransom, the victim company will have to negotiate with the attackers. Experts advise hiring a professional negotiator who knows what to say and what not to say. A professional also has a better understanding of what tactics to use. Proper negotiation can help buy time and understand who carried out the attack, what information was stolen, and what the criminals are pursuing.

    The decision not to pay the ransom may seem right at first, but this may change as the victim learns more about the circumstances of the attack. An incorrect form of communication with hackers can provoke them to break off negotiations and put the victim in an awkward reputational position through public statements.

    Over the years, various countries have considered banning ransom payments. For example, following the recent cyberattacks on Medibank and Optus, Australian Home Secretary Claire O'Neill said the Australian government would consider making ransom payments illegal. But what if the cost of paying the ransom is less than the damage that inaction causes? Then such a law can only make matters worse.

    Despite the ever-changing nature of ransomware attacks and the varying motives of attackers, the human element of effectively negotiating remains the key to a solution. Successful negotiations with attackers are critical to the potential damage to the victim company.

    Companies should always evaluate all the advantages and disadvantages of paying a ransom, as well as explore possible alternatives. Ultimately, the company's finances and reputation are at stake, so any decision must be balanced. And it is worth taking it only after a thorough analysis of all possible risks.

    And in order not to have to solve such complex issues, you can prepare "still on the shore." For example, conduct regular security tours with company employees and talk about the tricks that scammers usually use. This will greatly increase the chances of avoiding compromising the company's networks even if attackers resort to social engineering and other types of deception.

    Author DeepWeb
    New framework for post-exploitation Exfiltrator-22 from the creators of LockBit
    Parallax RAT attacks cryptocurrency companies with sophisticated malware injection techniques

    Comments 0

    Add comment