To Pay or Not to Pay Ransom: 6 Reasons to NEVER Pay

You open your laptop to a message on your screen from a hacker who is telling you that they’ve encrypted your data and you won’t get it back unless you pay a $5,000 Ransom.

I know you’re probably thinking that if you pay up, it’ll be easier, you’ll get your data back and this will all be over. This is actually not the case. Cybersecurity experts and even the FBI urge anyone who has been affected by ransomware to never pay the ransom. Here are the multiple reasons why:

Reason 1: You May Not Regain File Access

This is arguably the biggest problem when paying ransom. You’re dealing with a cybercriminal whose mission in life is to manipulate people and systems for their own selfish benefits. So, what makes you think you can trust a criminal’s word? They aren’t reliable and don’t care about restoring your file access. So if you pay the ransom, there’s a good chance you just lost your data AND a hefty amount of money.

Reason 2: Some Ransomware Doesn’t Encrypt

Ransomware typically falls under one of two categories: the kind that encrypts the victim’s files and the type that doesn’t. Encrypting ransomware is the most problematic, as it requires a decrypt key to restore file access. Non-encrypting ransomware may still restrict access to your files. However, it’s usually easier to fix than its encrypting counterpart.

With non-encrypting ransomware, you can often fix the infection using anti-malware software. Since it doesn’t encrypt your files, you don’t have to worry about obtaining a decrypt key. Rather, you need to lift the restriction that’s preventing you from accessing your files, which may be possible through traditional anti-malware software or system restores.

Reason 3: You Could Become a “Known Player”

This one is serious. Whether your ransomware attack is on a personal device or a work device, you should never pay the ransom because you could be targeted more than once. By paying the ransom, you mark you or your organization as a “known player” to the hacking community. If the cybercriminal does give you the encryption key to regain file access, that key could contain a signal that leaves “breadcrumbs”. This identifies you as someone likely to pay the ransom a second time. A few months later, you could be targeted all over again.

Reason 4: It Funds Criminal Activities

A lot of the time, money hackers gain from their victims through ransomware attacks are used to fund future attacks and other illicit activities. Hackers can and will use this money to purchase new computers, servers and software that allows them to target even more victims with malicious software. By paying the ransom, you’re encouraging hackers to continue this illegal behavior. On the contrary, not paying will send the hacker a message that there’s no money to be made off of you.

Reason 5: There May Be Decrypt Keys Available

Depending on the specific type of ransomware infecting your computer, you may be able to find a decrypt key without paying the ransom to the attacker. As explained by NoMoreRansomware.org — a site that publishes free ransomware Decrypt Keys — some malware authors make mistakes when implementing their ransomware, allowing cybersecurity professionals to crack the encryption. In other cases, police seize and raid the cybercriminals’ computers, on which the decrypt keys are stored.

Some of the ransomware types for which decrypt keys are available include:

• AutoLocky
• BTCWare
• Crysis
• Chimera
• CoinVault
• Jigsaw
• Rakhni
• Ronnoh
• Rotor
• Shade
• TelsaCrypt
• TorLocker
• WannaCry (CWRY)
• Wildfire
• Xorbat

If you know the name of the ransomware infecting your computer, search for “[ransomware name] + decrypt key” on Google. With a little bit of luck, you may find a solution.

Reason 6: The Attack May Not Be Legit

Not all malicious software demanding money is actual ransomware. Fake ransomware looks like the real deal, but it doesn’t lock or otherwise restrict access to your files. Many victims end up paying it, however, because they believe their files are encrypted and want to regain access as soon as possible.

By definition, ransomware is a type of malicious software that restricts access to the victim’s computer data until a ransom is paid. Even if a pop-up message demands payment in exchange for unlocking your files, it could be fake ransomware — and paying it will have no effect on whether you can access your files.

Now that you know why you shouldn’t pay the ransom, click here to learn how to prevent ransomware attacks and keep you and your organization safe from cybercriminals. 

Elevated Technologies offers round-the-clock security monitoring for your business. Hackers never sleep and are driven by a desire to break into your business’s system to gain access to your data and your clients’/customers’ confidential information. Let us defend your network so you can rest easy and focus on your business. Remember: preventing a cyber-attack or data breach is way more affordable than recovering from one. 

Contact us today if you’re at all worried about the security of your organization.