Two separate pieces of ransomware news have trickled in recently. One is good news, and the other provides a big wake-up call for Finance staffers.
First the good news: A security researcher reached out to the people behind TeslaCrypt asking for a master key to unlock it’s ransomware. Surprisingly, the hackers complied. That means that now users who have certain file types locked will once again be able to access them.
On the other hand, not everyone is so lucky.
Pay up … twice
A hospital in Wichita, KS, found out how fickle ransomware can be in the opposite way.
After being hit with ransomware, Kansas Heart Hospital made a move that many companies do: It decided rather than dealing with the frustration, it would do as the feds have recommended — pay in order to get access to its systems again.
It paid what the hospital describes as a small amount of money and was told its files wouldn’t be unlocked unless it paid more.
The hospital decided not to pursue things any further than that.
This highlights a very real risk for companies. While paying the ransom will probably result in getting files back, it could mark them as an easy target or result in a situation like this where the money is gone and you’re still left without any files you need.
It’s important to plan for any eventuality with ransomware – be it paying, refusing to pay or trying your best to negotiate with attackers.
But on the other hand, it’s important to remember that there are no guarantees of return. No hacker will put their name to a binding contract, and once payment it sent it’s gone forever, whether you get your files back or not.
Perhaps the best bet is to have multiple redundant forms of backing up files. It won’t prevent ransomware or any financial fallout from getting infected. But it may help you survive a major loss at the hands of attackers.