Normal logic about ransomware says that when local governments, agencies and large companies pay a ransom, it encourages more criminals to launch more attacks and get more money. But unfortunately that is not the case according to experts. According to a Axios news article,
“By the numbers: Riviera Beach and Lake City, Florida, paid a combined $1.1 million in ransom over about a week in June.
- Meanwhile, Atlanta spent $17 million restoring systems rather than pay a $50,000 ransom last year.
- Baltimore is likely to spend $10 million restoring its own systems refusing to pay a $75,000 ransom this year. The disruption to its city services may cost another $8 million.
The intrigue: For some cities, the best response might be to pay the ransom, then use the millions of dollars that would have been spent on recovery to strengthen cyber defenses before the next attack.
- “If you don’t learn from the past, you will end up being ransomed again,” said Deborah Golden, the new head of Deloitte’s cyber consultancy.
- Whether a city pays, doesn’t pay or has yet to be attacked, prevention will often save money.”