Cybersecurity researchers disagree as to whether you should pay. The FBI opposes paying the ransom. Some victims pay and gain access to their files; others pay and never receive a key. In the case of Petya, developers created the software with no method to decrypt data.
Overall, experts suggest cutting losses and not paying the ransom. Yet data loss can have a huge impact on your organisation, and the amount of ransom hackers demand is increasing. Petya developers originally asked for $300 in bitcoins. Newer ransomware versions ask for hundreds of thousands of dollars in cryptocurrency. The ransomware business model exists only because the malicious actors behind it continue to be paid. If payment was taken off the table, the ransomware business model would collapse.
Paying the ransom does not guarantee you will get the private key to restore your data. Instead, protect your files by using protective measures in your day-to-day operations. In case of an attack, you can return files to their original state. This is why backups are critical to recovery from an attack.
- User training
- Quarantining suspicious emails
- Content filtering