Paying Ransomware – Should you or shouldn’t you? April 9, 2016
by Kayla Thrailkill
You’re hit with ransomware – do you pay the ransom or not?
In the past, the FBI’s opinion on ransomware has been to pay it. This has resulted in millions of dollars being sent to the hackers, in an attempt to obtain the encryption key so the victim’s files could be accessible. Now, with ransomware becoming more and more prevalent, we ask, do you pay?
I firmly believe that paying the hackers is positive reinforcement to a negative behavior. A simple psychology course will teach you that if you reward negative behavior, said negative behavior is bound to continue with the expectation of continued rewards. This is what is occurring with ransomware. In 2015, over $24 million was paid to ransomware hackers. What message does that send? Keep doing it!
Now, Homeland Security has discouraged victims from paying the ransom, as it does not promise that your files will be decrypted. The United States Computer Emergency Readiness Team (US-CERT) has issues a formal alert regarding ransomware. They have seven solution steps to help defend against ransomware which can be found here. www.us-cert.gov/ncas/alerts/TA16-091A
It is worth noting, the second solution US-CERT encourages, is the use application whitelisting technology.
Use application whitelisting to help prevent malicious software and unapproved programs from running. Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.
Poster Comment:
More links in text at source.
Whitelisting keeps malicious software from running. I hope you never suffer from Ransomware.