We all know that ransomware is a type of malware that blocks the victim's access to a computer and holds their files and data hostage. Then, attackers demands ransom from the victim in exchange for a decryption key or tool which can restore access to their device.

Even though ransomware has been around for decades, it has many different varities with advanced capabilities of spreading, distribution, encryption of files and persuading victims into paying ransom.

Ransomware attacks are becoming more challenging to prevent and damaging to their victims. The use of offline methods to decrypt files has drastically increased nowadays. It's a fact that many individuals, companies, and governments are getting attacked on daily basis. These attacks can cause data loss and downtime, which means companies and governments can lose millions of dollars, and their reputation or customer service can be affected.

We have to accept the fact that ransomware isn't going away anytime soon. This kind of attack isn't new. In fact, the first ransomware attack happened in 1989, targeting the health industry.

According to cyber security experts, ransomware attacks are expected to happen every 14 seconds this year and every 11 seconds in 2021. If we previosly asked ourselves what "if" it happens to me, now we ask "when". According to statistics, ransomware attacks have increased by 20% in the first half of 2020.

It's getting more expensive for ransomware victims to recover, but is it okay to pay ransom in exchange for a decryption tool? The FBI understands that paying ransom is a business decision, but doesn't recommend it.

Why paying ransom isn't recommended?

• Even if you pay ransom, there isn't a guarantee that computer access will be restored. In fact, many individuals and organizations admitted they were never provided a decryption tool or key.
• Victims who paid ransom were targeted for a second time.
• After paying ransom, some victims were asked for more money in exchange of a decryption key.
• Paying ransom encourages a cybercrime business model.

How to avoid paying ransom?

• With a solid backup and recovery strategy, you will never have to cave to the attacker’s demands.
• Empoyer your end-users to act as a human firewall through regular cybersecurity training and testing.
• Secure your endpoints to make sure cybercriminals can't enter your devices or systems.
• Even if you become a victim to a ransomware attack, deny to pay. Instead of making a payment, make sure you have a backup and disaster recovery. If you can easily restore clean copies of your data, systems, and applications, attackers lose their power.

The best way to avoid becoming a ransomware victim is to have an integrated security system.