Should You Ever Pay a Ransomware’s Ransom?

 Even if you haven’t yet succumbed to ransomware, you can imagine the feeling: logging into your device to discover your files missing and a discouraging message demanding digital payment, likely in the form of cryptocurrency. It’s frightening, embarrassing and irritating — and you are likely tempted to pay the sum to get the whole ordeal over with.

Billions of individuals and businesses have been attacked by ransomware within the past decade; though the number of attacks continues to decline, the number of strains has doubled in recent months, proving that hackers are not giving up on this method of securing data and cash. In fact, the average ransom price has increased to over $1,000 because hackers are finding victims so willing to pay.

So, should you pay a ransom demanded by ransomware? The straight answer is: No! And here’s why.

You Probably Won’t Get Your Data Back

A study on ransomware victims found that of the users who caved and paid their attackers the sum they demanded, less than half ever regained even a shred of their data. Specifically, 49.4 percent of ransom-payers attested to recovering their data, while 50.6 percent lost it all and the money of the ransom.

The same study also looked into what happened to the users who refused to pay the ransom, and it found that 86.9 percent of non-payers ended up recovering their data — though it is important to note that most of these were organizations who make regular backup copies of their systems. They were able to simply restore to an uncompromised copy and continue with business as usual.

Seeing as though the only reason you might consider paying the ransom is for the safe return of your data, this finding should be eye-opening.

You Encourage Ransomware Attacks

Ransom payment is precisely what ransomware authors are after. That means by paying the ransom, you are confirming these criminals’ beliefs that this is a lucrative occupation and you are encouraging them to continue developing and releasing malware onto the web. Worse, when ransomware makes headlines with major earnings, it inspires other cybercriminals to take up the ransomware mantle and create their own devastating malware. Ultimately, paying the ransom just strengthens cybercriminals’ resolve to perpetrate cybercrimes.

Unfortunately, you don’t just generally increase the likelihood that anyone will be hit by ransomware; you also increase your own chances for additional attacks. The creators might say that they will return your data and remove all traces of the malware once you pay, but there is hardly a code of cybercriminal honor. More likely, they will leave some kind of malware roots on your device, which they can use in the future to attack you again, asking for more ransom money, stealing more data or performing other despicable deeds.

You Won’t Become More Secure

Most often, users who pay the ransom and receive their data back fail to learn any lesson with regards to internet safety and security. Like toddlers whose parents immediately replace the toys they break, these users don’t modify their behavior to be more careful and protect the devices they need and use; instead, they mistakenly believe that should malware surface again, they can just as easily overcome the attack and resume normal operations.

Unfortunately, this isn’t the case. Malware comes in all shapes and colors, and not all malware announces its arrival, makes a clear demand and promises to leave when that demand is met. In fact, most malware is much more sinister, lurking in the background and pilfering important information, like your online logins to bank accounts, payment card numbers and more. If only so that you take malware attacks seriously, you should avoid the “easy” solution of ransom payment and instead work to understand what went wrong and how to avoid it in the future.

You Can Beat the Ransomware Without Paying

As evidenced by the 86.9 percent of non-payers who successfully overcame the attack and retrieved their data, you shouldn’t be hopeless if you fall victim to ransomware. Instead, you should know that there are several ways to overcome the attack without paying.

First, you can rely on a number of ransomware removal services. These software tools have an extensive knowledge of ransomware tactics and techniques, so they can quickly identify how the ransomware works and what actions will reverse its effects. You should consider investing in a ransomware tool from a large, well-established information security firm, which has the resources to address even the latest ransomware threats.

Next, you should begin the habit of backing up your devices frequently. You should backup to two locations: one on the cloud and one on a physical external hard drive. You should avoid remaining connected to these backup locations, so ransomware attackers can’t pilfer your backups when they infiltrate your device.

Many experts predict that ransomware is diminishing as a major threat — but that doesn’t mean it is going away completely. The more you know about how to protect yourself against ransomware and how to react when ransomware hits, the better.