Cyberattacks: To pay or not to pay ransom?


Photo credit: File | Nation Media Group

Last week, cyber gangs caused chaos in the United States; they hacked one of its largest petroleum companies. The attackers used malicious software or ransomware to infiltrate the pipeline's nerve-centre of operations, effectively cutting off petroleum distribution to a large swathe of the country.

Ransomware is a type of malicious software created to block access to the victim's computer system. The cyber actors hold the victim's computer systems or data hostage until a ransom is paid. No country or organisation, developed or underdeveloped, is immune to cybercrime.

In the case of the US oil company, the attackers overran the information system's security controls. They crippled petroleum distribution, causing panic as a large region of the US went for days without a supply of diesel, petrol, and jet fuel, forcing governors of the affected states to declare a state of emergency.

Multiple news sources reported that the CEO of the affected company (Colonial Pipeline) paid a hefty ransom in Bitcoins. Bitcoins and cryptocurrencies are an attractive form of paying the ransom because recipients do not reveal their identity.

Creaky computer networks

The rate of ransomware attacks has risen lately. This upsurge is fuelled by two factors: the growing use of Bitcoin or cryptocurrency in general and the fact that the pandemic pushed many people to work from home, relying on their creaky computer networks.

Governments worldwide advise against paying the ransom as it can fuel more crimes. But many ransomware victims — especially those ill-prepared for a quick recovery — opt to pay.

Most of the world's critical infrastructure lacks an appropriate level of preparedness to thwart cyberattacks, and the question is not "if" but "when" they will be attacked. The quintessential question, therefore, is, should compromised organisations pay a ransom?

On the surface, not paying the ransom sounds like the logical route to follow, but for the victim, the temptation to pay is high and for good reasons.

Outlawing ransom

Some governments have toyed with the idea of outlawing ransom payment altogether. However, prohibiting ransom payments in all cases could be disastrous, especially when hackers hit essential services such as hospitals, or transport services, including air travel.

Whereas ransom payment should not be the default solution, organisations should not approach this issue with one hand tied behind their back. They should have several options available to them, including the option to negotiate a payment. A blanket refusal to pay ransom could jeopardise lives, impede vital services, and irreparably destroy a business.

The best defence against cyberattacks is building strong digital security around an organisation's digital assets and continuously seeking security loopholes and sealing them immediately.

Companies need to have a policy detailing when, how, and under what conditions ransom would or would not be paid.

They should also consider buying cybersecurity insurance. But keeping a company's data backup updated all the time is the best insurance policy against doomsday.

Twitter: @samwambugu2