Ransomware attacks are becoming more common these days, but at the same time, the number of victims who agree to pay for decryption keys is increasing. In short, ransomware attacks encrypt files stored on infected devices and then lock the system. Asking victims to pay a ransom for the decryption key would technically allow them to regain access to the device and files.
While there is no guarantee that hackers will actually provide decryption keys, a growing number of companies agree to pay cybercriminals if devices are compromised. There have been two such cases in recent days. First, after hackers managed to break into the Hackensack Meridian Health network, New Jersey’s largest hospital, and locked all electronic devices, the hospital paid the hackers to regain control of the system. In addition, LifeLabs, a Canadian company, agreed to pay a ransom in exchange for data from 15 million customers.
In response, Microsoft said in an article that it would never encourage ransomware victims to pay for any form of ransomware. Paying a ransom is often expensive, dangerous, and only increases the attacker’s ability to continue fighting. Most importantly, paying cybercriminals for ransomware decryption keys does not guarantee that your encrypted data will be restored.
The article goes on to detail how the company prepares for a ransomware attack, focusing on backup of critical systems and files. The ability to return to a known good state is the most critical strategy for dealing with any information security, especially ransomware. Other ways to stay secure include email filtering, system patching and vulnerability management, antivirus protection, and application whitelisting.