As ransomware rages, debate heats up on response

Globally, losses from malicious software rose by 60% last year to $8 bn, according to latest data
Services in the U.S. cities of Baltimore and Maryland were paralysed earlier this year when a ransomware attack locked up computer networks and made it impossible for residents to make property transactions or pay their municipal bills. Officials refused to meet hacker demands for a ransom of $76,000 to unlock the systems, but have been saddled with an estimated $18 million in costs of restoring and rebuilding the city’s computer networks. The dilemma in such cases highlight tough choices faced by cities, hospitals and corporations hit by ransomware.
Two Florida cities reportedly paid a total of $1 million in ransom this year, after which a new attack by the same group hit the State court system in Georgia. Globally, losses from ransomware rose by 60% last year to $8 billion, according to data compiled by the Internet Society’s Online Trust Alliance. At least 170 county, city or State government systems have been hit since 2013, with 22 incidents this year, according to the U.S. Conference of Mayors, which adopted a resolution opposing ransomware payments.
Pay or resist?
While the FBI and others warn against paying ransoms, some analysts say there is no clear answer for victims when critical data is locked. “You have to do what’s right for your organisation,” Mr. Falco said. Josh Zelonis at Forrester Research offered a similar view, saying in a blog post that victims need to consider paying the ransom as a valid option, alongside other recovery efforts. But Randy Marchany, chief information security officer for Virginia Tech University, said it’s best not to pay. “ If you pay the ransom, the hackers give you the decryption key but you have no assurance the ransomware has been removed from all of your systems. So, you have to rebuild them anyway.” Victims often fail to take preventive measures such as software updates and data backups. “If the encryption in ransomware is implemented properly, there is a zero chance of recovery unless you pay the ransom,” Brett Callow, of Emsisoft, said. “Often it isn’t implemented properly, and we find weaknesses in the encryption and undo it.”

Source :

About ChinmayaIAS Academy - Current Affairs

Check Also


GSAT-20 GSAT-20, also known as CMS-03 or GSAT-N2, is a high-throughput communication satellite jointly developed …

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Free Updates to Crack the Exam!
Subscribe to our Newsletter for free daily updates