“The ransomware is that good,” said Bonavolonta, as reported by The Security Ledger. “To be honest, we often advise people just to pay the ransom.”
"They said that the encryption is solid, so if you need your data the only real option is to pay," explains LarryG. "They never said don't backup, they never said if you have a backup pay anyway. They are only saying that if you have no other way of restoring your data, paying is it. They are saying they can't decrypt the files for you and that they will not be catching these people any time soon and then giving your data to you."A spokesperson for the FBI's Boston Office has since re-articulated these sentiments, stating that while the Bureau does not advise businesses on how they should proceed if they fall victim to ransomware attacks, "instead, the Bureau explains what the options are for businesses that are affected and how it’s up to individual companies to decide for themselves the best way to proceed. That is, either revert to back up systems, contact a security professional, or pay." Mohit Kumar, Founder and Editor-in-Chief of The Hacker News, feels that the FBI should be emphasizing defense against these types of attacks in addition to alerting businesses to their options should they ever fall victim to ransomware.
"...[T]he best defense measure against Ransomware is creating awareness within the organizations, as well as maintaining backups that are rotated regularly," Kumar explains in a post.For more information on ransomware, including your options once you have been affected and tips on how you can avoid becoming a victim, please click here.