RSA: Should You Pay Ransomware?
VIDEO: The U.S. Secret Service provides some advice and some warnings about ransomware.SAN FRANCISCO—Ransomware attacks are a scourge that threatens organizations with information deletion if they don't pay hackers' demands. At a Verizon panel event here at the RSA Conference, experts from the private sector as well as the U.S. Secret Service provided some candid thoughts about how to respond to ransomware. Bryan Sartin, managing director of The RISK Team at Verizon, asked the panelists, "Ransomware attacks, do you pay, do you play or do you go on holiday?" William Noonan, deputy special agent of Cyber Operations for the U.S. Secret Service, responded, "If you're doing business right, you go on holiday." The solution to ransomware is really to have persistent backups that would provide a measure of resiliency for an organization, according to Noonan. Organizations should be educated to understand that they should have persistent backup as a best practice for the business, he added.
In terms of whether or not a ransomware victim should pay the hackers or attempt to play the situation out, Noonan noted that the Secret Service cannot comment on which route an organization should take.