GlobalSign Blog

Ransomware Attacks: 3 Considerations When Deciding to Pay or Not to Pay (and Tips for Prevention)

Ransomware Attacks: 3 Considerations When Deciding to Pay or Not to Pay (and Tips for Prevention)

Malicious ransomware software is an increasingly common component of modern-day phishing attacks, and it's high time that organizations both large and small understand what they can do if they face a ransomware attack.
This is especially true in light of the fact that the majority of organizations have no idea how to regain access to data once an attacker threatens to permanently delete that data. It's this level of uncertainty in the face of malicious ransomware that leads many organizations to pay cyber criminals a ransom when, in fact, they have other alternatives to pursue.
We’ve covered the best ways for organizations to protect their data and prevent an attack from happening in the first place. But despite the best of efforts and intentions, an especially determined hacker may still break in. It’s then that business leaders find themselves asking, “What should we do now?”
Let’s take a look at three considerations for businesses to keep in mind when they need to decide whether or not to pay the ransom to their attackers.

3 Considerations to Help You Decide Whether or Not To Pay

Here are the three biggest considerations to keep in mind when deciding whether or not to pay:

  • Are you going to get your data back?

    Ransomware payments to cybercriminals, while sometimes appearing to be the safest, most logical course of action for organizations under cyber fire, often do little to help regain lost data. Many businesses who have made ransom payments to cyber criminals never received their stolen data, putting them at an even greater loss than they were at before they lost their data.
  • Is paying going to mark you as an easy target?

    The answer to this question is: probably, yes. If you pay up to the criminals, what’s to stop them from continuing to target you later?

    This is precisely what happened to a company called the Toll Group last year, when they were hit by a ransomware attack twice in three months. Even though Toll paid the ransom the first time, that did nothing to stop the criminals from attacking them again later (and they did so using a different form of ransomware the second time).

    Also keep in mind that by paying the criminals, the money could be used to fund other illegal activities.
  • Is there a less expensive way to proceed?

    While bringing in an outside security firm or response team to help negotiate with hackers does carry a considerable expense, it still could be less than whatever you’d pay to hackers.

    Many industry analysts suggest investing in cyber insurance, which will also cost you – but the peace of mind could convince you to go this route. Be sure to actually read the fine print because the policies across packages can vary significantly.

    When it comes to ransomware, you’ll want to invest in a package that comes with "cyber extortion" or something to that effect. Most of the time, this will need to be purchased as an add-on to an existing policy.

    Most "cyber extortion" packages should cover the cost of the ransomware payment, but will also come with caveats (some packages, for instance, may require authorization from law enforcement before the insurance company can release payment). Again, do your research and read the fine print.

Tips for preventing attacks – and minimizing fall-out

There are many things you can do to prevent hackers from gaining access and holding your data for hostage. S/MIME certificates are one such example, offering encryption as well as sender identification on emails.

Here are three other actions that you can take today to reduce the odds of a ransomware attack happening in the first place:

1. Make sure your payment systems are PCI-DSS-compliant

PCI DSS, or Payment Card Industry Data Security Standard, is essential to businesses that have an eCommerce store and need to know that their customer transactions are secure. Compliance validation for PCI DSS ensures that organizations have taken the appropriate steps to protect cardholder data from cyber-theft and fraud.
Payment systems that come with PCI-DSS compliance mean that customers can securely send invoices online, instantly pay by credit card or secure bank payments (ACH), and enjoy bank-grade security for all online payments they make.
PCI-DSS-compliance allows merchants and organizations to understand ahead of time the processes that protect them from breaches and fraud. It also makes it easier for vendors to implement standards to create secure payment solutions – hopefully preventing the possibility of major breaches – and continue to adapt to payment processes in accordance with industry best practices.

2. Utilize cloud-hosted help desk solutions that come with added security

You've likely heard that cloud computing is the end-all, be-all solution to digital security. This may be somewhat of an overstatement, but it's true when it comes to cloud-hosted help desk ticketing solutions that allow you to backup your data to both the cloud and a hard drive. For organizations that are looking for added protection against ransomware, cloud backup solutions for your help desk ticketing system can be reliable and affordable ways to store copies of your most critical data assets.
Many cloud-hosted help desk solutions also allow enterprises to alert their customers to security threats such as ransomware by using a ticketing system that is easily accessible, comes with 24/7 monitoring, and provides daily backups for security. All of these features can make it so you may not even need to worry about the majority of ransomware attacks threatening your data assets because of how comprehensive they are.

3. Mitigate risk of ransomware with virtual private networking (VPN) technology

VPNs, or virtual private networks, provide enhanced cybersecurity to organizations that want to mitigate the risk of ransomware and phishing attacks. In this day and age, anti-virus software and firewalls, while still worth investing in, aren't enough to secure your connection and protect it from would-be hackers.
Anti-virus programs can actually struggle to secure information from most viruses and malware. The reason being? The usual online connection is not encrypted, but a VPN will ensure that it is so. With a VPN, organizations can safely share data with an encrypted internet connection that can heavily mitigate the risk of ransomware attacks.
Company owners, managers, and employees who work from home or out in the field should all be very careful when connecting to the internet if they want to reduce the threat of a ransomware attack. Using the best VPN possible when using work devices out of the office is one of the most vital steps for protecting your company from ransomware. Popular and well-rated VPNs can all make it simpler for organizations to avoid computer virus attacks and malicious cyber assaults that end in exorbitant ransom requests.
When choosing a VPN, keep in mind that malware providers and cybercriminals are known to use free VPN services that actively accumulate sensitive user information that goes on to be sold to black-hat bidders. Choose a VPN service that has glowing user reviews and transparent management and user policies. And, of course, remember that your VPN service should have capabilities that suit your individual requirements with features that you're looking for.


In a modern world where cyber attacks are commonplace, organizations need to take a good look at their current and future security measures to decide if they can stand up to ransomware. Nobody should have to pay hard-earned funds to cybercriminals, and you and your organization are no exception.

Note: This blog article was written by a guest contributor for the purpose of offering a wider variety of content for our readers. The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of GlobalSign.

Share this Post

Recent Blogs