Does Banning Ransomware Payments Reduce Ransomware Attacks?

The problem with ransomware attacks has grown beyond just our world of IT. Ransomware attacks in the U.S. and beyond are rapidly rising in frequency and severity. Countless big-name companies have fallen victim in the last year alone, while many small to medium-sized businesses suffer attacks as well. 

The big question remains every time an organization is attacked: should they pay the ransom? We always recommend calling your IT security team ASAP before responding in any way to a ransomware attack on your organization. The great debate remains whether banning ransom payments would halt attacks, or only merely reduce them.

Today’s ransomware gangs are heavily driven by one thing: money. As the technology and manpower behind ransomware attacks continues to grow, ransomware attacks are becoming very profitable. Cyber criminals are driven by the fact that hacking into corporate networks to encrypt servers and files often leads to the victim organization paying a ransom–either in Bitcoin or an alternate cryptocurrency. Ransom payment happens often enough, and in large enough quantities, that it continues to motivate cyber criminals to keep investing their time and energy into the attempt.

Would banning ransomware payments possibly stop ransomware attacks?

Maybe, but probably not. Many organizations pay ransom not because it is a recommended practice, or their IT security team advises them, but simply out of desperation. Hackers know this. Timelines on demands play into the panic and anxiety associated with attacks. “Banning” payments would not remove this element, leading many organizations to still choose to pay ransom when put in a desperate position.

Recent ransomware attacks have seen ransom payment demands in numbers as greater as $5 million and $11 million. Despite the enormous numbers, companies often pay up because they don’t feel as though they have any other option.

What can my organization be doing to combat a potential ransomware attack?

  1. Make sure you are working with a qualified third-party IT security team like Clarity that can support your company size and network.
  2. Require employees to use strong, unique passwords and encourage use of password auto-generators. Discourage single universal password use and sharing the same password for work and personal use.
  3. Require employees to use multi-factor authentication (MFA). This helps reduce password-share risk and adds an additional layer of security for individuals logging into the company network.
  4. Properly offboard former employees by removing their access to the network and changing any passwords they had access to.
  5. Utilize dark web monitoring solutions that will scan the web and alert your company if any of your passwords have been compromised. Reach out to Clarity if you need recommendations or help with implementation.

As always, if Clarity can support your business in any way, or if you have questions about managed IT support, contact us here.