By now, you are familiar with the Colonial Pipeline cyber-attack.
In this case, hackers used a ransomware attack to take the pipeline offline.
Colonial Pipeline’s main gas line carries gasoline and diesel to the U.S. east coast.
The attack and subsequent shortage caused more than 1,000 gas stations to run out of fuel.
And two weeks after the attack, 30% of gas stations in the Southeastern region were still out of gasoline.
To get back online, Colonial Pipeline decided to pay an almost $5 million ransom in untraceable cryptocurrency.
The payment was in exchange for a decryption key that gave Colonial Pipeline access.
In a similar incident, Ireland’s Health Service said they were the victim of a significant ransomware cyber-attack.
The hack targeted the health system’s IT infrastructure and the health service had to completely shut down their IT systems.
So, the hospitals that are part of the system were forced to use pen and paper.
And to make matter worse, hospitals had to cancel all outpatient services.
The fact is, health care organizations are high-value targets for hackers.
And these organizations are motivated to pay ransoms because lives can depend on it.
But Ireland has refused to pay the hackers’ ransom request of $20 million.
Obviously, Colonial Pipeline and Ireland Health Services have two very different approaches to the attacks.
So, how should you handle an attack like this?
Should you pay up to get back on track or tell the hackers there is no way you are paying the ransom?
Here are a few facts to keep in mind before making a decision.
There are no guarantees:
Whether you are the victim of a cyber-attack or a kidnap ransom, you are not dealing with good people.
Hackers and kidnappers are criminals that are hurting people.
Why should you expect them to be honest with you and hold up their end of the agreement?
In these cases, even if you paid the ransom, you don’t know if you will get your data back.
There have been cases when data was either not given back or was incomplete.
In the Colonial hacking, there are indications that their decryption program did not work completely.
So, they paid the ransom, but they did not get full access to their data.
Long-term costs:
Colonial Pipeline didn’t waste any time in paying the ransom. This could be because they didn’t have a backup system in place.
Every company should have an incident response plan.
Joseph Blount, CEO of Colonial Pipeline said he authorized the ransom payment because executives were unsure how badly the cyberattack had breached its systems.
They were also unsure how long it would take to bring the pipeline back.
As for Ireland Health Systems, they refused to pay the ransom, which means they will have to rebuild their IT infrastructure.
Depending on what the hackers compromised, who knows how long and how much it will cost to fix everything.
Will the long-term costs of fixing their IT system be more than the ransom payment? There is a chance it could be.
Weigh the short- and long-term costs for yourself when making your decision.
Encourage more crime:
Hackers now know they can get money out of Colonial Pipeline.
They have opened the door to say they will pay a ransom.
Most western governments don’t recommend paying ransom because it just encourages criminals.
If everybody stopped paying, it would no longer be profitable and criminals wouldn’t waste time hacking into companies.
With no money to be made they will focus elsewhere.
At the end of the day, paying a ransom can be a hard decision.
Cybersecurity experts and most governments recommend against paying a ransom.
Yet, some businesses want to pay the ransom as quickly and quietly as possible to minimize negative impacts on their company.
Use these tips to make the decision for yourself, and develop your own reaction plan.