
Tabush Group's Cloud & Managed IT Blog

To Pay or Not To Pay: How to Handle a Ransomware Demand

Ransomware attacks are ever-growing threats, and law firms need to be prepared. Becoming locked out of your network or applications creates a massive roadblock, costing your firm time, money, and even its reputation. Not only are ransomware attacks becoming more sophisticated, but they are increasingly directed at law firms due to the sensitive nature and high value of their data. If your firm is hit with a ransomware attack, should you pay the ransom?

What is Ransomware?

Ransomware is a common type of malware that targets and encrypts a victim’s data. According to the 2022 Verizon Data Breach Investigations Report, ransomware is on the rise and present in almost 70% of malware breaches. Once the malware is installed, it locks a firm out of the affected files or even its entire network. The cybercriminal demands payment in exchange for a decryption key that, hopefully, releases the data. If the victim does not pay, they could lose their data forever. These attacks severely limit business operations and may lead to data loss, reputational harm, and lost business – even if the ransom is paid.

What Happens if You Pay?

In the “best-case scenario,” the cybercriminals send a decryption key, the key works, and the data is returned unscathed. However, the encryption may corrupt all or parts of the data, leaving a business with less money and more problems. The financial impact of a breach may also lead to employee layoffs, with 50% of legal firms reporting layoffs after a ransomware attack, according to Cybereason.

You are probably familiar with the phrase, “There is no such thing as bad publicity.” That’s not the case here. Once on the radar, a firm becomes an easy mark for repeat attacks and other cybercrimes. With ransomware attacks already on the rise, paying the ransom affirms cybercriminal behavior and encourages ransomware attacks on others. 

Paying may seem like the only choice to continue firm operations and avoid further interruption, but there is always the option of refusing to pay.

What Happens if You Don’t Pay?

Victims of ransomware attacks may feel helpless and believe that paying is their only option. However, paying does not necessarily mean your data will be returned, and if it is, it may be corrupted and unusable. Most IT and cybercrime experts and even federal agencies recommend against paying the ransom, but if your firm does not pay, you may permanently lose crucial data and countless hours of work.

Keeping Your Firm Safe

The best defense is to be prepared before a ransomware attack happens. Incorporating cybersecurity best practices into company culture, keeping firewalls and software up to date, and using strong passwords with multi-factor authentication (MFA) can help thwart an attack before it begins. If an attack does occur, restoring your network from a data backup, either off-site or in the cloud, is arguably the best course of action.

With regular backups, a firm can restore data and files from its most recent backup before the attack. By working with a cloud provider, firms gain an extra layer of protection and peace of mind knowing that their IT is in expert hands. At Tabush Group, our Desktop as a Service (DaaS) solution, Boxtop, provides multiple layers of protection from would-be threats. Boxtop is built with enterprise-level encryption, firewalls, and malware protection, and is monitored 24x7x365. To facilitate recovery in the event of an attack, data is frequently backed up, eliminating the need for a separate backup platform.

The Verdict 

The question still stands: should you pay a ransomware demand? The overwhelming consensus is not to pay. Instead, have safeguards in place before an attack occurs. Prioritizing cybersecurity and performing regular system backups is the best defense against a ransomware attack. And while prevention and protection should be a firm’s primary focus, having a proper cyber incident response plan in place ensures your firm can act quickly in case of a breach.

Learn More

Don’t wait until it’s too late. Find the right IT partner who understands your business. Learn more to see how Tabush Group gives law firms peace of mind and the freedom to focus on their core objectives.
