As many organizations in various industries face the potential and the reality of ransomware attacks, it’s logical to wonder: what happens if we pay the ransom?
Will cybersecurity insurance protect us?
A recent attack on the San Bernardino County Sheriff’s Department computers resulted in the department paying the hackers $1.1 million in ransom (reference).
Let’s look at what paying a ransom does to your attack situation–and whether your organization should consider it if you face an attack yourself.
Hackers entered the San Bernardino County system and encrypted data on their computers, leaving department personnel unable to access information. Ransom, in the amount of $1.1 million, was demanded in cryptocurrency.
A department spokesman noted that the county had recently taken out cybersecurity insurance in anticipation of a potential attack. Because of the insurance policy, the county’s share of the $1.1 million payout came to $511,852, with the insurance company covering the rest.
the fallout of the attack was that deputies could not access the California Law Enforcement Telecommunications System, which gives deputies information when people are wanted for crimes in other parts of the country.
The short answer is to always check with authorities and your IT person before paying a ransom or making contact with cybercriminals during an attack.
The San Bernardino Sheriff’s Department attack is one scenario but certainly not the golden rule regarding ransomware attacks and paying a ransom. It’s important to note that most standard insurance policies do not cover cyber-attacks. Ensure you purchase specific cybersecurity insurance and understand what it covers before you suffer a ransomware attack. If you’re wondering whether your business needs cybersecurity insurance, we wrote an entire blog on the topic, answering all your common questions.
In general, businesses should avoid paying ransom at all costs. In many cases, paying ransoms encourages repeat attacks. Hackers gravitate towards money – paying ransom tells hackers your organization has money and is willing to pay.
Every organization in every industry faces the potential threat of a ransomware attack. Statistically, it’s likely your organization will be hit at some point. However, you can take preventative actions to reduce risk and the effects and cost of downtime.
As a managed IT service provider in the Greater Phoenix Area, PK Tech can support your business in reducing ransomware attack risks and establishing preventive cybersecurity measures. Contact a member of our team to learn more about what we can offer.