Do Not Pay Ransomware – A Lesson for Municipalities

Remember how cybersecurity professionals were telling municipalities not to pay ransomware extortion as it would reinforce and embolden future attacks specifically against their sector? Well, it appears that over 20 government agencies throughout Texas have been hit with ransomware in a coordinated attack.   

I cannot emphasize enough that if you satisfy the cyber criminal’s objectives of financial gain today, they will come back tomorrow with more enthusiasm, focus, resources (thanks to you), and greed. Just like scammers who find a class of easy victims, they then target them in the future.    

Paying ransoms may seem like a quick and short-term fix, but doing so is corrosive over time to the entire peer group and it does not even guarantee all the files will be restored. Many attackers leave backdoors so they can come back later and do it again. It makes perfect sense when you have a victim willing to pay.   

Do not pay ransomware.    

Let me put it another way. Imagine everyone is floating in the ocean when a shark comes by. Having an unprepared person panic and throw food at it may get it to eat the chum and temporarily swim away, but the end result is a school of sharks will appear and begin preparing for a meal. That puts everyone on the menu and in serious danger.    

Do not pay ransomware!    

So again, I will say unequivocally that, ransomware extortion should NOT be paid. Don't chum the waters! The best protection from ransomware involves being prepared before you are attacked. If you have failed to prepare, then the next best solution is to burn it all down, rebuild everything, and restore the data you can. It is the only way to be sure the attackers have not left anything nasty behind.   

Do not pay ransomware!!    

Some of my colleagues will say otherwise, but they are often only looking at the ROI of that one organization which is impacted at the moment and not the strategic picture of the whole community. I am happy to argue and debate with them about what is best for the long-term health of our shared digital ecosystem. Paying criminals only creates a bigger and more powerful problem.