When should you pay ransomware?

Trey Turner

Paying Ransomware

It’s a tough dilemma. No one wants to pay a ransom. But when considering the options, it may appear to be the prudent choice. Trey Turner, senior security consultant at Alagen, talks about the reasons you shouldn’t pay. Then, he emphasizes the importance of being prepared so that you can recover quickly without having to pay. He also suggests that you know your risk tolerance and have planned in advance under what circumstances you would consider payment or related actions.

– Paying a ransom is not a great idea for three main reasons; (1) even if you pay the ransom, there is no guarantee you will get the decryption keys, (2) paying the ransom makes you a target for future attacks, as the bad actor is now aware that you will pay, and (3) you’re supporting a criminal activity by enabling the bad guys to continue this habit.
– Law enforcement will always suggest that you not pay a ransom.
– Preparing a recovery strategy is essential in avoiding the dilemma of whether or not to pay the ransom. This includes having a plan to recover your data from backups, and removing the ransomware in a timely manner.
– If you can’t recover the data, be prepared to know under what circumstances you’d be willing to pay the ransom, when you’d contact insurance, and potentially consider ransomware negotiation.

Ask an AlaGENIUS: More Ransomware FAQs

Learn how ransomware spreads as explained by a security pro.

Trey clarifies if ransomware attacks are data breaches.

Tom shares the primary components of this financially-motivated type of attack.

Protect Your Company from Ransomware Attacks

Alagen has helped organizations of all sizes become ransomware resilient. Guided by established best practices, our Ransomware Resilience Planning service focuses exclusively on ransomware prevention, containment and recovery. Efficiently assessing your strengths and weaknesses, our experts forgo extensive (and time consuming) discovery and documentation to quickly deliver what matters most — prescriptive guidance to decrease your likelihood of a ransomware victimization.

Alagen Cybersecurity Solutions

Alagen is a 100% security services firm with consultants nationwide. A comprehensive partner across the full security lifecycle, Alagen assists with strategic advisory (including CISO as a service), threat + vulnerability management, architecture + integration, and managed services. Unlike many consultants, Alagen is not a reseller. Instead, Alagen pairs deep expertise with a customer-oriented approach that finds the solutions that best address the unique security challenges of each client.

Please explore our website or contact us to learn more about how we can help improve your cyber security.

Become an Insider

Subscribe today to our free eNewsletter for security insights, exclusive invitations, and more.

Alagen Cybersecurity Solutions

Your ace in the cybersecurity foxhole. Follow us on all your social media platforms.


Become an

Alagen Insider

Subscribe today to our free eNewsletter for security insights, exclusive invitations, and more.

© 2020 Alagen, LLC. All rights reserved.