Ransomware Victims Should 'Just Pay the Ransom,' Says the FBI | Tripwire

Ransomware Victims Should 'Just Pay the Ransom,' Says the FBI

Posted on October 27, 2015
FTC Says Identity Theft Victims Don't Always Need a Police Report
A member of the Federal Bureau of Investigations (FBI) has recommended that ransomware victims "just pay the ransom" if no other option exists and if they need access to their encrypted data. Last Wednesday, during Cyber Security Summit 2015 at Boston's Back Bay Events Center, Joseph Bonavolonta, the Assistant Special Agent in Charge of the FBI’s CYBER and Counterintelligence Program in the Boston office, observed that as the encryption standards protecting most ransomware samples, including Cryptolocker and Cryptowall, are so strong, the FBI generally advises victims to pay the ransom payments.
“The ransomware is that good,” said Bonavolonta, as reported by The Security Ledger. “To be honest, we often advise people just to pay the ransom.”
security89.jpg
 FBI Boston’s Joseph Bonavolonta address the Cyber Security Summit on October 21st. Bonavolonta said that paying the ransom is often the easiest path out of ransomware infections. (Source: The Security Ledger) Bonavolonta goes on to explain that these payments allegedly cause malware authors to keep ransoms low, for they can rely on a broad base of victims to fund their criminal activities and not extort individual victims large amounts of money. Additionally, the actors behind ransomware attacks generally stay true to their word and restore victims' access to their data, according to the agent. Those comments made by Bonavolonta have gone on to spark a heated debate on Spiceworks, with some observers alleging that the FBI is an active opponent of encryption and is therefore deliberately misrepresenting the threat posed by ransomware. Others, such as user LarryG., are reading between the lines of Bonavolonta's statement:
"They said that the encryption is solid, so if you need your data the only real option is to pay," explains LarryG. "They never said don't backup, they never said if you have a backup pay anyway. They are only saying that if you have no other way of restoring your data, paying is it.  They are saying they can't decrypt the files for you and that they will not be catching these people any time soon and then giving your data to you."
A spokesperson for the FBI's Boston Office has since re-articulated these sentiments, stating that while the Bureau does not advise businesses on how they should proceed if they fall victim to ransomware attacks, "instead, the Bureau explains what the options are for businesses that are affected and how it’s up to individual companies to decide for themselves the best way to proceed. That is, either revert to back up systems, contact a security professional, or pay." Mohit Kumar, Founder and Editor-in-Chief of The Hacker News, feels that the FBI should be emphasizing defense against these types of attacks in addition to alerting businesses to their options should they ever fall victim to ransomware.
"...[T]he best defense measure against Ransomware is creating awareness within the organizations, as well as maintaining backups that are rotated regularly," Kumar explains in a post.
For more information on ransomware, including your options once you have been affected and tips on how you can avoid becoming a victim, please click here.
Join over 20,000 IT security pros who get our top stories delivered to their inbox every week!