Modern field guide to security and privacy

Opinion: Why we shouldn't reward cybercriminals

Paying ransoms to cybercriminals who hijack computers only encourages the scourge of ransomware, which organizations and individuals can prevent by simply backing up their data.

Mark Blinch/Reuters/File
Cybercriminals often demand that victims pay them in bitcoins to unlock encrypted data after ransomware attacks.

Anyone who watches TV crime dramas knows you shouldn’t really pay ransom when somebody gets kidnapped. Instead, you use the lure of the payoff to trap bad guys. 

But why are so many people, businesses, hospitals – and even police departments – willing to pay cybercriminals? It seems ludicrous.

So, when I was going through my Twitter feed recently and caught a snippet of Kaspersky Lab researcher Ryan Naraine talking about this recent Passcode opinion piece on ransomware, I was astonished. 

It turns out that some network administrators will pay ransoms even when their companies have perfectly serviceable data backups. Mind blown.

Yes, ransomware is a big deal. The malware that encrypts data until victims pay up is on the rise. And it turns out lots of people give in to the criminals' demands. For instance, a hospital in California reportedly paid $17,000 to unlock its data.

To be sure, it's a tough decision whether to pay or risk losing data. But paying should never, ever be the first, second, or even third option.

There's something wrong if the working assumption is that businesses, organizations, or individuals just pay without working on a solution to recover the data on their own – or just decide they are going to live without those pictures, files, and documents. 

And anyone with viable backups should greet cybercriminals' ransom demands with a smug scoff, and then quickly restore affected files.

Here's the thing: Data is lost all the time. It's an unfortunate consequence of relying on computers for everything we do. For instance, we all know someone who was 99 pages into a 100-page dissertation, when his or her hard drive took a dirt nap. It’s a horrible, tragic story that gets played out time and again at home and in businesses around the world.

And yet, catastrophic failure doesn’t really figure into our mental threat models. Things are just supposed to work. Forever. 

But data loss and corruption happen. Ransomware is one type of corruption. So, there's no excuse for not preparing for it. Even system administrators who live under rocks have heard of ransomware by now, and they should know that having a good backup is an easy way of protecting against this threat.

I realize that even the FBI has suggested that paying ransoms may be the only way for some individuals and businesses to retrieve their locked data. But, officially, here's what FBI Cyber Division Assistant Director James Trainor says: "Paying a ransom not only emboldens current cybercriminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals."

I couldn't agree more. 

Imagine if some random person came up and shot you in the leg and then offered to remove the bullet for a small fee. Would you pay them? What are the odds that they would safely and successfully remove the bullet and any other shrapnel the first time around? What's more, you'd be rewarding a criminal and proving that you're an easy target for repeat attacks.

If you are reading this article and you haven't backed up your data, stop what you're doing and find a way to protect your most valuable information. Backups are critical not just because of ransomware, but because software, computers, and people aren't perfect. Our mistakes result in lost data all the time. 

And paying crooks to fix damage that they caused should never be the default option. 

Lysa Myers is a security researcher at ESET. Follow her @LysaMyers.

 
