From the headline-making incident in May that impacted Colonial Pipeline to this month’s hit on Kaseya, ransomware attacks have been nothing short of a plague on businesses in recent months. While they aren’t new, they are certainly capturing the public’s attention and raising eyebrows among lawmakers.
To pay or not to pay the ransom is a hotly debated issue. While most security professionals oppose paying, in certain situations it might make the most sense.
“Everyone says ‘no,’ but it really depends on a case-by-case basis,” says Steven Schwartz, director of security consulting at Eze Castle Integration. “At the end of the day, you need to get the business back up and running. Colonial paid nearly $5 million in ransom to decrypt its computers. That was a business decision – they needed to get their pipeline back up and running.”
Payment is just one of many issues to contend with while under the duress of a ransomware attack. Following are some of the common mistakes organizations make when it comes to ransomware response.
Joan Goodchild is a veteran journalist, editor, and writer who has been covering security for more than a decade. She has written for several publications and previously served as editor-in-chief for CSO Online. View Full Bio