In-brief: To pay the ransom, or not to pay the ransom, that is the question. In this Security Ledger podcast, we talk to Thomas Fischer, a Global Privacy Advocate at Digital Guardian about why ransomware is such a big problem for businesses these days, and why he thinks paying to get access to your encrypted data is a terrible idea.
This blog garnered a lot of attention back in October when we reported the words of Joseph Bonavolonta, the Assistant Special Agent in Charge of the FBI’s CYBER and Counterintelligence Program in Boston, who told an audience at a local event that, in cases of ransomware infections, the Bureau was often in the position of advising firms to pay the ransom to get their data back.
The message wasn’t that the “bad guys are winning” or that paying the ransom was the first step in responding to an infection. Bonavolonta was simply admitting that the encryption used by ransomware was unbreakable, as a practical matter, and that malware authors were wrapping pretty tight code around that encryption. Companies that didn’t have a reliable backup of data to fall back on had (and have) few options.
That story generated a wave of controversy, with many taking the position that individuals and organizations should (almost) never pay the ransom, thereby encouraging the continuation of ransomware schemes.
In the months since, we’ve read numerous public reports about private and public sector organizations that, indeed, have paid off ransomware crews to regain control of encrypted and infected systems. Los Angeles Presbyterian Hospital was reported to have paid a $17,000 ransom in Bitcoin to restore access to its computers. Last week, it was a hospital in Ottawa, Canada that was infected.
A bigger question may be why and how ransomware has become such a pressing issue facing businesses. Just this week, there is news of yet another hospital infected with the malware – this one in Ottawa, Canada. To get answers to those questions, we sat down with Thomas Fischer, a Global Security Advocate at Digital Guardian.*
Fischer is an expert on malware, and one of the hosts of the B-Sides London Conference. He’s also no fan of paying off ransomware crews, as he explains to us in this conversation.