Imagine your company just fell victim to a ransomware attack. What would you do? One group of doctors decided to retire rather than pay the ransom. The officials in Jackson County, Georgia decided to pay the $400,000 ransom. The city of Chicago paid more than $1 million. So, what would you do?
One of the things you might consider doing, rather than pay the ransom, is to hire a ransomware recovery firm. These companies ostensibly use high-tech methods to restore the affected data with techniques like data decryption.
When you visit their websites, you’ll see quotes like “Paying attackers is definitely not a solution.” Or, “Don’t Pay the Ransom. Paying criminals a ransom doesn’t guarantee you’ll get your data back. Paying-up is a risk you don’t want to take. Let our experts handle the situation for you.” Sounds good, right? As things turn out, the truth is very different.
A recent report from investigative newsroom ProPublica found that these companies almost always do exactly what they tell you not to do: pay the ransom. So now, not only are you paying the ransom, but these companies’ fees on top of it.
According to the report, one such company “Proven Data promised to help ransomware victims by unlocking their data with the ‘latest technology,’ according to company emails and former clients. Instead, it obtained decryption tools from cyberattackers by paying ransoms, according to Storfer and an FBI affidavit obtained by ProPublica.”
If you do get hit by a ransomware attack and decide the best course of action is to pay the ransom, there are companies out there that openly help you in that process, so you know what you’re dealing with up front. But, there’s still something much better than that. Not getting stung by ransomware in the first place.
It’s shocking how many companies out there won’t spend 50 bucks a month for advanced phishing protection but will come up with all kinds of money to waste on these recovery firms. According to an article on SC Magazine, “MonsterCloud was mentioned in a case of paying attackers after the firm requested $2,500 for an analysis of the problem and costing up to $25,000 to recover from an attack where the ransom was only $7,000 worth of bitcoin.”
When you’re ready to take advantage of low-cost, quick-deployed, real-time, cloud-based email security to protect your company from phishing and ransomware, head on over to Duocircle and try it risk-free for 30 days.