TRENDING NOW

ESET Research discovers trojanized WhatsApp and Telegram…

SentinelOne Recognized as a Leader in the…

AmiViz ties up with Sectona for the…

Laurent A. Voivenel highlights the potential benefits…

UAE’s ChatGPT rival “Falcon” launched in Abu…

Entrust survey reveals consumers can’t remember their…

Dubai: Will ‘robotic twins’ do our work…

Saudi Arabia ranks first globally in digital…

Mediclinic City Hospital acknowledged as first regional…

Kingston Technology sheds light on the increasingly…

The Voice of IT
ransomware attacks
ArticlesFintechIndustryNews RoomSecurityTechnologyTrending

Ransomware attacks? This is how to deal with it without breaking the bank.

by Shalini Murugesan043

Ransomware attacks are on the rise, and if you’re unlucky enough to fall victim to one, you’ll need to know how to navigate the tricky waters of negotiation with the hackers.

In this article, we’ll explore the dos and don’ts of dealing with ransomware attackers and discuss the ways in which you can regain control of your data without breaking the bank.

Ransomware Attacks – well, what are they?

Ransomware attacks can be devastating for individuals and organizations alike. Not only do they threaten to lock or encrypt important data, but they also demand payment in exchange for restoring access to that data. If you or your organization falls victim to a ransomware attack, you may be wondering how to negotiate with the hacker to regain access to your data.

Okay, so when will you become a victim of this?

There are various methods by which one can become a target of a ransomware attack. One way is by unintentionally downloading the malware onto your computer by visiting contaminated websites. Additionally, attackers may also send infected files as attachments through email or other means like various kinds of phishing.

When ransomware successfully infiltrates a system, it can either encrypt specific files or lock the computer screen. This results in a notification appearing on the screen, preventing the user from using the computer. The notification typically includes instructions on how to pay the ransom in order to regain access to important files, documents, and spreadsheets. Until the ransom is paid, the user will not be able to access the affected files.

According to a report from Group-IB, In the second half of 2021 and first half of 2022, 42 companies in the GCC region fell prey to these attacks – 33 percent of the companies were UAE-based and 29 percent were from Saudi Arabia.

A total 21 percent of the companies who were victim to these ransomware attacks in the report were Kuwaiti, 10 percent from Qatar, while Omani and Bahraini organizations made up less than 10 percent of the organizations targeted.

In 2022, there were about 2,800 known new ransomware victims, based on successful attacks that came to light publicly, including via ransomware groups listing victims on their dedicated data leak sites, reports threat intelligence firm Kela.

If ransomware groups target big businesses and organizations, which sectors are suffering the most from these enormous attacks?

Source: Microsoft

Dealing with Cyber Ransom: Next Steps

A potential concern for businesses that receive a ransom demand is whether they have the means to pay, such as access to cryptocurrency. After receiving a demand, the business must evaluate its options, including whether it can restore the data from backups, if the ransom amount can be negotiated, whether to refuse to comply with the extortion, or if there are legal consequences to paying the attacker.

 Payment of the ransom could expose your business to governance risks. A recent survey conducted with 1,263 companies showed that 80% of victims who made a ransom payment to a hacker were attacked again soon after.

It is also important to note that some ransomware groups may have connections to illegal or sanctioned activities, such as terrorism or human trafficking, which can affect the legality of paying the ransom. A key point of this issue is the importance of conducting due diligence and understanding the role of an informed negotiator.

Do’s:

  • Try to establish communication with the hacker. It is important to understand their demands and what they are willing to negotiate.
  • Gather as much information as possible about the attack and the ransomware used. This can help you understand the severity of the situation and what the hacker is capable of.
  • Consider hiring a third-party negotiator or cybersecurity firm to handle the negotiation on your behalf. These professionals have experience and knowledge in dealing with these types of situations.
  • Be prepared to pay a ransom if necessary, but only after carefully considering the risks and alternatives.

Dont’s:

  • Ignore the attack or hope that it will go away. Ignoring the problem will only make the situation worse.
  • Try to negotiate with the hackers without professional help. This can be dangerous and may lead to further complications.
  • Pay the ransom without trying to negotiate for a lower amount. Hackers often ask for exorbitant fees, but may be willing to accept less.
  • Assume that paying the ransom will guarantee the return of your data. there is no guarantee that you will be able to recover your data even if you pay the ransom.
  • Share personal information or sensitive information with the hacker.
  • Blame yourself or your organization for falling victim to a ransomware attack. These attacks can happen to anyone and it’s important to take the necessary steps to protect yourself in the future.

Access to Specialized Resources in Ransomware Attacks: why it matters?

 An important benefit of cyber insurance is access to skilled negotiators who can reduce the amount of payment. Also, they may be aware of the threat actor and whether they are subject to regulatory sanctions.

In the event of an attack, the attacker will try to prolong negotiations and lower the price demanded, but the targeted business must have an exit strategy in case they do not budge.

In general, attackers set a price that they believe is affordable for victims to pay quickly, but their demands are often negotiable.

Role of Cyber Insurance

The importance of having cyber insurance when dealing with a ransomware attack cannot be overstated. Even if a ransom is not paid, the financial repercussions of a ransomware attack can be devastating.

Cyber insurance can provide crucial support and resources such as access to experts in negotiation, forensic investigation, and remediation, as well as coverage for legal and reputational expenses.

In conclusion, negotiating with ransomware hackers is a delicate and risky endeavour. However, with the right approach and preparation, it can be a viable option for organizations faced with the threat of ransomware.

 By understanding the motivations of the hackers and developing a comprehensive incident response plan, organizations can minimize their risk and potentially come to a resolution that is in their best interest.

Ultimately, it is important to remember that paying a ransom should always be a last resort, as it only perpetuates the cycle of ransomware attacks.

By being proactive in our cybersecurity efforts, we can work towards a future where these types of negotiations are no longer necessary.

Related posts

Volante Technologies research reveals payments modernization plans

admin

In Conversation with Mr. Gunasundaram

admin

UAE seeks to lure tech firms in Asia, Europe with long-term residency, financing

Atamjeet

Leave a Comment

Save my name, email, and website in this browser for the next time I comment.

* By using this form you agree with the storage and handling of your data by this website.

This website stores cookies on your computer. These cookies are used to improve your experience and provide more personalized service to you. Both on your website and other media. To find out more about the cookies and data we use, please click on Read more option. Accept Read More