WannaCry Ransomware: Why you should never pay up

In the wake of last week's ransomware attack that caused turmoil for the NHS and many other organisations, we're now even more aware of just how devastating a cyber attack can be. But the question is... should you pay the ransom?

Short answer - never. Sure, when a notification pops up on your screen that threatens to encrypt some of your most irreplaceable files, it's easy to feel the urge to pay the ransom. But there's a reason why cyber security experts encourage people to avoid parting ways with their money.

What would happen if I paid the ransom?

Of the 200,000+ computers that have been encrypted by WannaCry (also dubbed WanaCrypt0r), the hackers behind the attack are charging $300 to $600 to allow you to restore access. But this is where the first issue with paying crops up. Once paid, there is no actual guarantee of receiving access to your files. In fact, it's actually very unlikely that you will receive anything at all.

Common sense would put this down to a natural inability to trust a criminal, especially one who is committing a crime against you. But the issue goes further than that. For instance, much has been made about the sloppiness of WannaCry's coding and design, which has meant that a manual human operator must activate the decryption. Victims are expected to contact the criminals so they can obtain a 'key' to unlock their files. But, given the attention that WannaCry has received, it's unlikely that anyone would return your contact request.

wannacry bitcoin.jpg

If you pay the ransom, you are more than likely going to send Bitcoin that will sit in an address forever.

Am I really a target?

With 54% of UK companies hit by ransomware last year, there's no shortage of targets. In fact, 40% of the emails we received last year contained ransomware. But, although ransomware can target all kinds and sizes of businesses, one of the main targets are hospitals. As seen in the cyber attack on the NHS, hospitals and health organisations are always popping up in the news as latest victims, forking over mounds of Bitcoins to get their systems back up. Because of the critical nature of their infrastructure, if hospital data is inaccessible, it can be a matter of life or death, and cyber criminals know that. In fact, they’re banking on it.

How to avoid Ransomware

There's no one method that can make you completely immune from ransomware attacks, but there are some recommendations on how to mitigate exposure to ransomware:

  • Regularly update anti-virus and anti-malware systems
  • Install patch updates for operations systems, software and digital devices
  • Mitigate risk exposure with data backup systems, which can allow organisations to revert to a ransomware-free system
  • Confirm critical systems are not unnecessarily connected to or accessible from the internet
  • Include cyber security awareness training that discusses ransomware as part of the organisation’s evolving culture
  • Shift the company’s mindset so that ransomware is seen as a business risk issue, i.e., it does not solely impact the IT environment.