To pay or not to pay? The ransomware question you shouldn't have to answer

7th October 2021BlogRob Batters

Are you ready to get in touch?

  • 0207 448 8500
Request a Call back

Protecting yourself against ransomware with cyber resilience

Ransomware is one of the most significant cybersecurity threats facing your business today. One report suggests that there has been a 93% increase in ransomware attacks over the past year.

The mission-critical nature of data means that your business cannot be without it. This is why ransomware is so effective, and why your business is almost certain to experience an infection in the near future. When it happens, you have two choices – pay or don’t pay.

Option 1 – Pay the ransom

Few businesses want to deal with criminals, but when critical systems are inaccessible, an urgent solution is required. Faced with mounting costs, the need to resume operations immediately and distrust of existing disaster recovery (DR) provisions, some organisations will choose to pay the ransom.

There have been several high-profile examples of businesses cutting their losses. Colonial Pipeline paid a £5m ransom after losing control of their infrastructure and creating shortages across the southern US. Major insurer CNA Financial negotiated a $40m settlement, thought to be the largest ransom ever paid, after experiencing a similar outage.

Some businesses may be able to recoup their losses through insurance, others will simply have to write off the loss. But few smaller enterprises will be able to meet these demands.

Option 2 – Don’t pay the ransom

For ideological or political reasons, other organisations will choose not to pay criminals. Instead, they will work to restore operations using their own DR systems.

Take the Irish Health Service Executive (HSE), who lost access to all of their IT services when clinical systems were infected by the Conti ransomware variant. Despite threats that compromised patient data may be leaked – and the fact that the HSE is simultaneously battling the COVID-19 pandemic – senior officials have vowed that data will be recovered from DR and no ransoms will be paid.

Adding a new layer of protection with cyber resilience

The best way to deal with ransomware is to be prepared in advance. This is especially true as traditional IT security systems are being breached more frequently than ever. No matter how well-patched your firewalls and anti-malware software are, hackers always seem to be one or two steps ahead.

Disaster Recovery is an important layer of defence, but to meet the challenges of the future, it must be strengthened with cyber resilience strategies and technologies. Unlike DR, cyber resilience intelligently identifies key data and captures it for storage in an immutable, offline vault. This data is then inaccessible to criminals – and ransomware – that might gain access to your infrastructure. It cannot be overwritten or encrypted by malware, ensuring the back-up data is always accurate, reliable and ready to be restored in the event of an infection. 

The advantage of cyber resilience is you can carry on working, offering services and support, before, during and in the aftermath of any ransomware infection.

To Pay or not to pay ransomware

Greater business resilience in the face of more frequent attacks

The need for cyber security extends beyond ransomware defence. Resilient businesses have been able to continue through uncertain and ever-changing times – including the current COVID-19 pandemic. Using cyber resilience tools alongside existing DR solutions allows you to build secure foundations for your business. 

Using cyber resilience tools alongside existing DR solutions allows you to build more resilience into your business. Click To Tweet

Protect your business against current and unknown future cybercrime threats with a cyber recovery solution from Northdoor.

Get in touch by completing our online form, or give us a call on 020 7448 8500 to arrange a free initial consultation.

Our Awards & Accreditations