To Pay or Not to Pay Bitcoin Ransoms? – FBI Sending Mixed Messages

Cyber-attacks are a growing problem worldwide. Their number is increasing at such an alarming rate that companies are growing more fearful they may be the next target. The FBI has commented on how to deal with this type of situation but, unfortunately, its guidance has been unclear.

No one is completely safe from cyber crime, but the data shows small businesses should be particularly concerned. Verizon’s 2017 Data Breach Investigations Report (DBIR) revealed that 61% of data breach victims are businesses with fewer than 1,000 employees. A Duke University survey also found that 80 percent of all businesses had been hacked.

The WannaCry cyber-attack that swept the globe last week, targeting 150 countries, has made the world that much more aware of ransomware’s devastating effects. The hackers demanded their victims pay between $300 and $600 in Bitcoin or they would remain locked out of their computers indefinitely. It is estimated the hackers have been paid $55,000.

This relatively small amount suggests the hackers’ victims may have been mostly small businesses. Small businesses are particularly vulnerable to cyber hacking because they often cannot afford a cyber security team the way larger businesses can.

So, if your business gets hit by WannaCry or other ransomware, should you pay the Bitcoin ransom? The FBI says ‘yes’, and ‘no’. FBI cyber and counterintelligence specialist Joseph Bonavolonta said:

“To be honest, we often advise people just to pay the ransom.”

But later in 2016, the FBI contradicted its previous statement. Will Bales, Supervisory Special Agent for the FBI’s Cyber Division, said:

“People have to remember that ransomware does not affect just one person or one business. It will more than likely move on and affect somebody else. And for those who pay the ransom, it only encourages them to extort the next person.”

In light of the cyber-attacks on Hollywood this year, an FBI spokesperson commented that the agency does not advise people to pay ransoms because doing so only continues the cycle of cyber-crime. It did say, however, that victims should “weigh their options.”

Even more conflicting information came from a former federal prosecutor of L.A. cyber crime, Hemanshu Nigam:

“If your system is wiped and you didn’t pay, then there’s no way to recover it and you basically shut down your entire business, so the FBI will say it’s easier to pay it than it is to try to fight to get it back.”

This means that over the course of just a year and a half, the FBI has sent out two completely different messages on whether to pay Bitcoin ransoms. Considering the staggering number of businesses affected by cyber hacking, it seems US companies could benefit from clearer guidance from their government.

Here are just two reasons paying a Bitcoin ransom is not wise: you may never regain access to your data or device after paying the ransom, and giving in to hackers gives them an incentive to commit more cyber crime.

But the FBI is still not sure.
