To pay or not to pay after a ransomware attack

Ransomware is now identified as a national security risk and companies are paying up – meatpacker JBS says it paid hackers $11 million to resolve its recent ransomware attack. Worst yet, double extortion ransomware attacks are becoming a more common scare tactic used by hackers.

This drives the question – to pay or not to pay ransomware? The truth is there’s no easy answer, especially when a new study shows that “80% of organizations that paid the ransom were hit by a second attack, and almost half were hit by the same threat group.”

To help determine your ransomware response, you must understand how attackers are leveraging a new tactic, Double Extortion. Here are some thoughts from our resident expert Stephen Jones.


continue reading »