As reported by Verdict, the UK government has a “strong position” against paying ransomware gangs’ demands, Home Secretary Priti Patel has said.
“Paying a ransom in response to ransomware does not guarantee a successful outcome,” said Patel. “It will not protect networks from future attacks, nor will it prevent the possibility of future data leaks. In fact, paying a ransom is likely to encourage criminality to continue to use this approach.”
<p>Ransomware attacks leave organisations in a complex quandary with multiple questions and up against the clock which potentially leave affected businesses stuck between a rock and hard place.</p> <p> </p> <p>Failure to comply with the demands could potentially leave them with a huge loss of data, unable to function and/or see some of the stolen data spilt on the internet. However, paying the ransom is no guarantee that the data will ever be restored without fault back to its original state. There is also the bitter taste left behind in the aftermath as to how it happened as well as the immediate costs into preparing for inevitable repeat attempts.</p> <p> </p> <p>Like what the home secretary is suggesting, preventative measures make far better security choices and it is always better to patch and protect rather than pay. However, it is often easier said than done due to the persistence of these threat actors. Organisations of all sizes must ensure they have robust controls in place which protect their email and spam filters, as well as use multi factor authentication and increase user awareness training.</p>