Contact Info

Atlas Cloud LLC 600 Cleveland Street Suite 348 Clearwater, FL 33755 USA

[email protected]

Client Area
Recommended Services
Supported Scripts
WordPress
Hubspot
Joomla
Drupal
Wix
Shopify
Magento
Typeo3

Ransomware incidents have seen a decline in recent times. However, the risk remains significant, prompting enterprises to contemplate if conceding to ransom demands is worth it to prevent the exposure of sensitive data.

As per the NCC Group Threat Pulse Report of May, the frequency of ransomware attacks has reduced since April, yet the scenario is still unstable. The Industrial sector (34%) and the Consumer Cyclical sector (18%) continue to be the most frequently attacked industries.

Significant changes have occurred among the top 10 ransomware groups. Hunters escalated from the eighth position to become the second most prolific group, with a 61% increase in attacks from March to April. RansomHub advanced to third place, overthrowing RA Group, with attacks up by 42% compared to March.

The strategy of refusing to pay ransom, often referred to as the “no concessions” policy, is heavily debated in contexts of counterterrorism and kidnapping. Its effectiveness is contested from various viewpoints, similar arguments are considered in ransomware payment decisions by cybersecurity professionals.

Some argue that paying ransomware demands finances future criminal activity. Legal considerations are also part of the decision equation. In some countries, paying ransom to terrorists is illegal. Others say similar laws are needed to help curb ransomware crime.

According to the U.S. Department of the Treasury, no federal law in the United States makes paying ransomware demands illegal. However, making such payments comes with significant legal and financial risks.

The rationale behind a “no concessions” policy is that eliminating the financial incentive for cybercriminals could decrease the frequency and severity of ransomware attacks, according to Anne Cutler, cybersecurity evangelist at Keeper Security.

“However, this approach, while commendable, presents real-world challenges for organizations,” she told TechNewsWorld.

Cybersecurity experts and government officials have long supported the policy of not paying ransoms due to its potential to curb criminal activity and reduce attacks, noted Cutler. Paying ransoms is risky and unreliable and does not guarantee that cybercriminals will restore access or decrypt files.

“Cybersecurity insurance companies are increasingly excluding ransomware payments from coverage, enticing organizations to invest more heavily in proactive preventative measures,” she added.

Cutler offered Japan’s strategy as a pertinent example. Nikkei Cross Tech and Japan Proofpoint report that Japanese organizations maintain a notably low rate of ransom payments compared to other countries. Despite a surge in ransomware incidents through 2023, the first half of 2024 has seen a slight decline, according to the Metropolitan Police Department’s Threats in Cyberspace Report.

“While it is not clear if this decrease is directly related to Japan’s low payment rate, it suggests that minimizing ransom payments could influence overall ransomware activity,” she explained.

Craig Jones, the vice president of security operations at Ontinue, acknowledged that within cybersecurity circles, there is a debate regarding the merits and drawbacks of prohibiting ransom payments to deter ransomware, stating it’s a complex issue.

“Such a prohibition might demotivate cybercriminals by eliminating their monetary gains, yet implementing this ban presents challenges, largely due to the anonymous nature of cryptocurrencies,” he expressed to TechNewsWorld.

Jones added that in dire scenarios, some organizations might still opt to pay ransom discreetly to salvage essential data or resume their activities, rendering the ban less effective.

He advocates a comprehensive strategy as a better resolution. Jones supports the enhancement of cybersecurity measures, the advancement of global collaboration to identify and prosecute cyber offenders, and the need for stricter regulation of the cyber insurance market.

“This multilayered strategy addresses the root causes and consequences of ransomware without the significant enforcement challenges and potential negative consequences of a ban,” he reasoned.

“Such an approach acknowledges the complexities and the global nature of cyber threats, offering a balanced solution to mitigate ransomware risks.”

In theory, no payment clauses try to disrupt the profitability of cybercrime by denying attackers their desired outcome. However, applying this strategy universally can be challenging, warned Jason Soroko, senior vice president of product at Sectigo. His company offers comprehensive certificate lifecycle management (CLM) services.

“While banning ransomware payments might deter attacks over time, it also puts victims, especially critical infrastructure, in a precarious position, potentially leading to severe disruptions,” he told TechNewsWorld.

Legal frameworks prohibiting payments would need to be carefully crafted to avoid unintended consequences, he suggested. This includes forcing organizations to operate in secrecy or exacerbating the damage during an active attack.

“The balance between disincentivizing crime and protecting essential services is delicate,” he observed.

Employee training and education on cybersecurity best practices are crucial for protecting an organization from evolving cyber threats, countered Patrick Tiquet, vice president for security and architecture at Keeper Security.

“Employees are the first line of defense. Regular training sessions should emphasize the importance of vigilance when receiving unsolicited multi-factor authentication (MFA) prompts,” he asserted.

This educational approach should be aimed at equipping employees to immediately question unexpected alerts and report any odd activities swiftly. Implementing mock phishing and notification tests can be effective measures to train employees in recognizing and dealing with potential threats, as pointed out by Tiquet.

“It’s crucial to nurture an environment where employees are encouraged to communicate possible security concerns without the fear of repercussions, which is vital for the quick identification and handling of threats,” he mentioned.

Ngoc Bui, a specialist in cybersecurity at Menlo Security, believes that it should not be illegal to pay ransoms anywhere. Although it may encourage cybercriminals, choosing not to pay could have more severe consequences, particularly for entities operating essential services.

“The impact of ransomware can be devastating, and it is crucial for organizations to focus on safeguarding their operations and stakeholders. Those experiencing a ransomware incident should take it as an opportunity to learn and strengthen their security protocols, utilizing actionable intelligence to achieve this,” Bui stated.

A fundamental tactic to sidestep the dilemma of whether to pay or not to pay a ransom is by proactively safeguarding against ransomware threats. Tiquet advises that organizations should enforce strict security measures for third-party contractors. This includes undertaking comprehensive background investigations and security evaluations to confirm that contractors adhere to high standards before they are allowed to access critical systems.

“It’s essential to implement the principle of least privilege once contractors are integrated into the system,” he emphasized.

This method involves only providing the essential access needed for the contractors to perform their designated duties within the company. It’s vital to continuously conduct audits on third-party access to quickly identify any irregular or unauthorized activities, thereby facilitating swift actions to contain any potential security issues or violations.


Welcome to DediRock, your trusted partner in high-performance hosting solutions. At DediRock, we specialize in providing dedicated servers, VPS hosting, and cloud services tailored to meet the unique needs of businesses and individuals alike. Our mission is to deliver reliable, scalable, and secure hosting solutions that empower our clients to achieve their digital goals. With a commitment to exceptional customer support, cutting-edge technology, and robust infrastructure, DediRock stands out as a leader in the hosting industry. Join us and experience the difference that dedicated service and unwavering reliability can make for your online presence. Launch our website.

Share this Post
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x