1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

The best reason for never giving in to ransomware demands

Discussion in 'CSO' started by RSS, Apr 12, 2016.

  1. RSS

    RSS New Member Member

    The U.S. Computer Emergency Readiness Team (CERT) has a new advisory on the dangers of data extortion in which it stresses that Web servers are now a popular means of entry for ransomware. This is another fine reason for keeping Web servers and their databases completely walled off from more sensitive parts of your networks. Although it would be terrible if attackers were to gain control of your website, letting them do the same to payroll, accounts payable and the supply chain can be far worse. 

    But the most significant point that the CERT made was that organizations shouldn’t pay ransoms. Ever.

    “Paying the ransom does not guarantee the encrypted files will be released. It only guarantees that the malicious actors receive the victim’s money and, in some cases, their banking information,” said the advisory. “In addition, decrypting files does not mean the malware infection itself has been removed.”

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page