If a company gets hit with ransomware, don’t pay the ransom, said Kevin Haley, director of product management and security response at Symantec.
The cost of ransomware doubled from 2014 to 2015, meaning that ransomware is effective enough at forcing companies to pay for hackers to unencrypt their information that the demand for ransomware has increased.
Companies argue that sometimes paying the ransom is a smart business decision because it would cost more money in the long run to get a team to unencrypt the data than it would to pay the ransom money that the hackers demand. Haley said he doesn’t judge the people that choose to pay the ransom for that reason, but allowing the hackers to be rewarded only increases the chance that others will be affected by ransomware.
“Paying the ransom puts a notch on your gate,” Haley said.
If a company chooses to pay the ransom, attackers will make note of that and potentially try to encrypt its data again, according to Haley.
“Paying the ransom puts a notch on the industry’s gate,” Haley said.
Haley cited a case where Hollywood Presbyterian Medical Center gave $17,000 to hackers who encrypted its systems. Afterward, two other hospitals in California, as well as one in Kentucky and one in Maryland, were attacked with ransomware. Haley said that hackers learned that if one hospital would pay the ransom, others would too.
“Ransomware is easy,” Haley said.
Hackers can purchase all the tools they need online. Ransomware can infect systems through vectors, exploit kits, and email.
Haley said the good news is that ransomware will stop eventually or evolve just as malware has.
“Nigerian princes never go away, they evolve,” Haley said.
Each day, 400 businesses get hit by business email compromise (BEC) scams; $3 billion has been lost this way, and 46 percent of these types of attacks come from Nigeria, according to Haley.
Haley said that if a company’s malware protection technology is 99 percent effective, there’s still plenty of malware out there that could affect the company. Therefore, companies that have protective technologies still need to be aware of the threats.
Haley said attackers know the value of data better than individuals do. For example, an Uber account can be bought on the black market for five cents.
Haley told companies to patch Adobe Flash Player and patch their websites. Fifteen percent of legitimate websites contain critical vulnerabilities. Companies need to continue to update their websites and search for vulnerabilities in order to protect their users.
“Cybercriminals do get caught,” Haley said.
Since 2008, the number of cybercriminals who’ve been held accountable for their actions has increased and continues to rise, according to Haley.