Question

What are your thoughts on huge ransomware payouts like the Colonial Pipeline payout?

  • 14 May 2021
  • 9 replies
  • 41 views

Badge

Perhaps this is sensationalized just a bit, but it turns out that Colonial Pipeline paid hackers $5 million for a decryptor that was so slow that they relied on backups instead. Are ransomware payouts now just a way of life, and should orgs be budgeting money for one? Or am I blowing this out of proportion?



9 replies

Userlevel 2
Badge +2

If there is money to be had, it will happen. In terms of budgeting for one, would that include doing a yearly ransomware continuity test, or fine tuning intrusion detection systems, investing in properly configured remote access controls, or just a separate fund to pay whomever steals your data? This is a long conversation on many different levels.

Userlevel 3
Badge +3

Companies should probably budget for it BUT through their insurance company. I could see insurance companies adding it as some sort of premium add-on for their cybersecurity portfolio but for certain key industries, they should definitely have a well defined plan for mitigating the issue both in terms of backups and payment. 

Userlevel 2
Badge +2

On the flip side it's hard to budget for loss of customer trust and credibility.

Userlevel 2
Badge +2

It's an every week thing. www.bbc.co.uk/news/world-europe-57111615.amp


Would that same budget allow for creating an adequate backup system so if files get encrypted, we don’t need to pay ransom, instead we just restore from a backup? Yes, this can mean some recent work/changes can be lost, but I personally would rather that than rewarding criminals.


@marquesstewart That's actually a neat idea, to offer a cybersecurity insurance package. The question is if we are coming to terms with the situation, or if governments will collaborate to obliterate ransomware. I'm still hoping for the latter, perhaps I'm being too optimistic.

Userlevel 3
Badge +3

Nah, the hackers will always be a step ahead of the government.

Userlevel 2
Badge +2

EaaS is the natural solution.
Ransomware orgs can just offer a subscription to exclude customers from their ransomware.
