Should Government Pay Ransomware?

An IBM Security study found that 60 percent of respondents opposed local governments paying ransomware. Read on to learn more about the implications.  

Government Ransomware

Ransomware attacks are on the rise, and U.S. taxpayers are divided on the issue of who should pay the hackers to recover the data. An IBM Security study surveyed 2,200 U.S. citizens on their understanding of and willingness to fund cybercrime recovery efforts. The respondents also gave their opinion on actions taken by the government to prevent and respond to cyberattacks.

The study found that:

  • 75% of the respondents were concerned about having their personal data held for ransom.
  • About 80% feared the impact of ransomware attacks on U.S. cities.
  • About 60% of U.S. citizens surveyed opposed their local governments using tax dollars to pay the ransom.
  • 60% of respondents preferred their city use tax dollars to fund recovery efforts rather than pay ransom.
  • More than 30% of taxpayers surveyed opposed paying to help emergency services, police departments and schools hit by a cyberattack. In addition, many of those willing to pay would only do so if restoration costs were less than $50,000.
  • About 40% of respondents specifically opposed to providing financial assistance to police departments and public schools.
  • About 90% of taxpayers surveyed supported an increase in federal funding to help local governments improve cybersecurity. In addition, more than 75% of responding citizens supported federal reimbursement to help cities already hit by cyberattacks deal with ongoing recovery efforts.

Can We Stop Cyberattacks?

While there’s no way to eliminate cybercrime completely, preparedness can drastically reduce its incidence. That starts with a collaborative effort from cybersecurity providers, local governments, businesses, and individuals.

Organizations must implement a comprehensive cybersecurity plan that includes recognizing red flags and responding to an attack. The vast majority of cities and businesses hit by attacks failed to take precautions and had no response plan. Understanding how hackers operate and what steps to take to minimize risk is crucial. Helpful precautions include:

  • Choosing strong passwords consisting of lower and uppercase letters, numbers, and symbols
  • Doing research before installing third-party applications
  • Backing up data on an external drive or through a cloud service
  • Keeping operating systems and software up to date
  • Recognizing malicious phishing emails
  • Using multi-factor authentication to access personal accounts

Prevention is the Best Cure

There is a widespread misunderstanding that paying a ransom will restore stolen data. Hackers often take the money without honoring their promise, leaving the victims deeper in the hole. Paying ransoms only guarantees future cyberattacks with higher demands. Even if the hacker agrees to release the data, the victims must still spend time and effort to restore each compromised device and conduct security audits. The high price of ransomware coupled with the untrustworthiness of the hackers make prevention the much better option.

As cybercriminals continue to ramp up attacks on cities and small businesses, cybersecurity is a must. By taking the proper precautions and learning how to recognize signs of malicious activity, individuals and organizations can help thwart hackers and reduce their risk of having their data held for ransom.

More Like This

Are You Ready For Pandemic 2.0?

Will We Have Another Wave Of COVID-19? Dr. Anthony Fauci has made clear that he is almost certain the novel coronavirus will come back in the fall. Even so, a whopping 42% of CFOs don’t have a plan for what to do if the pandemic and accompanying shutdowns hit yet again. Don’t wait until fall hits to start …

Are You Ready For Pandemic 2.0? Read More »

Read More

AA20-133A: Top 10 Routinely Exploited Vulnerabilities

Original release date: May 12, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector organizations to place an increased priority on patching the most commonly known vulnerabilities exploited by …

AA20-133A: Top 10 Routinely Exploited Vulnerabilities Read More »

Read More

AA20-126A: APT Groups Target Healthcare and Essential Services

Original release date: May 5, 2020 Summary This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA and NCSC continue to see indications that advanced persistent threat (APT) groups are exploiting the Coronavirus Disease 2019 …

AA20-126A: APT Groups Target Healthcare and Essential Services Read More »

Read More

Is this a new version of Nefilim Ransomware or something different?

Original release date: May 5, 2020 Summary A possible new variant or maybe a different tactic now being used by the Nefilim Ransomware Background As noted originally by the BleepingComputer the ransomware going by the name of Nefilim came to be around the end of February2020. While these threat actors originally deployed a Tor Payment …

Is this a new version of Nefilim Ransomware or something different? Read More »

Read More

How to Use Microsoft Teams

How to Use Microsoft Teams Technology Microsoft Teams has quickly become one of the most popular tools businesses are using as employees have migrated to working from home. How can your business best use Teams and its features to keep employees connected and productive during the COVID-19 pandemic? What Is Microsoft Teams? Microsoft Teams is …

How to Use Microsoft Teams Read More »

Read More

AA20-120A: Microsoft Office 365 Security Recommendations

Original release date: April 29, 2020 Summary As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 (O365) and other cloud collaboration services. Due to the speed of these deployments, organizations may not be fully considering the security configurations of these platforms. This Alert …

AA20-120A: Microsoft Office 365 Security Recommendations Read More »

Read More