It’s not basically your job to secure the world against cyber criminals, the decision of paying a ransomware demand is mainly about business.
FBI Cyber Division deputy chief James C. Trainor disagrees. The Bureau advised the organization to do not pay lest they cheer up criminals and motivate others to start using ransomware.
“Paying the said ransom by an organization might unwittingly be encouraging other unlawful activity associated with this very evil system attackers”, said by Trainor.
All the said statement is worth noting, but the general suggestion is worth less than paper it is written on.
It is not basically a reporter opinion; criminals and system administrators all over have so often advised on paying ransom that whispers in the criminal’s ears than hearing “an organization has paid off ransomware attackers” borders on boring.
Law enforcement authorities need not to extend themselves to ask or know the opinion of the criminals. Across America, police units have themselves paid the ransom, and have more doubtless scores of other hospitals, schools and government organizations.
It’s really futile to asking organizations to not pay or avoid ransoms just like asking them to trigger alarms while a stick up. I have been worked numerous bars in my time and every where there is a policy to avoid any hostage situation and let the insurance cover up all the losses.
The only one who cares if the hackers or cyber criminals are caught are the cops and so it is with risky ransomware.
Hence, the victim has only three choices
Format and lose all the valuable data
Restore a backup
Or pay the ransom money
The later option depends on the type of ransomware that has been invaded or attacked.
If the infection is Cryptowall, one of the version of Cryptxx, than you will probably find no any other way to decrypt files without paying the said amount as a ransom.
The above statement is all because of the fact that, these ransomware is created by professionals and there is a high chance that the distributors of these ransomware will only provide the decryption key after payment.
It is considerably very risky as all the payments should be made with a possibility that hackers will take the amount and run away. Yet the extremely worst anger outed with the cursory Google search for all the net chatter about the ransomware.
Ransomware is, however one among the world’s worst infection due to its fluid professional business model of giving keys for payment that encourages other victims to pay up as per hackers wish.
The cops just wanted to break this model by placing the onus on the victims to not pay the specified ransom. Breaking cyber criminals business model is not the job of system administrator nor the family tech is responsible for storing that copy of family photo and other documents.
The key point for any individual or business in paying is the variant and reputation of the ransomware, the cost of interruption from restoration, the value of lost data and the size of the caisson.
Pre-planning and rapid research is key
FBI and others would better be saving their offering advice and breath about how victims can recognize or identify and then decrypt their ransomware malware, inspite of delivering sermons from ivory tower.