If you suffered a ransomware attack*, would you pay the ransom?
(* For today, let’s keep it simple and imagine the attack means that critical files and systems are inaccessible to your organisation because the bad guys have encrypted them. The bad guys say that they can provide the information required to reverse this encryption, but they’re demanding a ransom payment first.)
So, would you pay the ransom?
I’m guessing your initial response is – “No way – Never”.
My next question is – Why not?
Option A – Because you believe it is immoral to reward criminals.
This is very true.
If your organisation is prepared to suffer serious business disruption or face permanent closure rather than paying the ransom and encouraging future crimes, this is commendable.
Society will thank you.
Your customers and business partners may not.
And you may be out of a job.
Option B – Because you believe you can recover without paying the ransom.
This is certainly possible.
With the right technology and sufficient planning, you could restore many of your systems and files from backups, and manually recreate / rebuild the others.
There are many caveats involved, which I will talk about tomorrow.
In the meantime…
Whichever option you choose (A, B or another), has that policy been approved by the executive team and the board of directors, so that everyone who will be held accountable in the future is fully informed today?