Without a doubt, ransomware is one of the most important security problems that can affect users. The main objective of attackers is to encrypt files and devices and then demand a ransom in return. Although there are methods to be protected, the truth is that users make mistakes both before and after an attack. In this article we echo which is the most important error , according to security researchers.
Never report cyber insurance
Ransomware attacks can affect both home users and businesses. It is in this second case when they can ask for a greater financial rescue, since the probability of success increases. Ultimately an organization in many cases cannot afford to be paralyzed for long. Let’s think of an online store, which has to spend a whole day without being able to serve customers.
What mistake do many business leaders make and can it further expose security? According to the researchers, the most important mistake is giving information about whether or not they have cyber insurance. This can open up the possibility that they will ask for an even bigger ransom.
Consider any business that has been the victim of a ransomware attack. All computers are locked and the attacker asks for a financial ransom. Now, that same company, or rather the person responsible for security or who must negotiate with the attackers, indicates that they have cyber insurance and that they will have to pay and manage the issue.
This would only complicate matters. Those attackers would already know that the company is insured and could see an opportunity to demand an even bigger ransom. This is so since they see more likely that they will actually pay for that ransom and be able to profit.
Study on Hundreds of Ransomware Victims
The group of cybersecurity researchers at Fox-IT has reached this conclusion. They have analyzed more than 700 ransomware attacks and the negotiations between victims and attackers. They found that if the victim has cyber insurance and reports it to cybercriminals, that negotiation for a lesser ransom is cut short.
In fact this could further complicate the situation. They could directly request a larger ransom upon learning that they have insurance. Keep in mind that in most cases attackers analyze the economy of a company or an individual victim to calculate how much they can ask for and be successful.
Let us think of an ordinary home user and a large company. In the first case, they could not ask for hundreds of thousands of euros, since the normal thing is that they never receive that money. Now, if it is a large organization, which has hundreds of thousands of clients and they have to offer a service and each hour lost costs them thousands of euros… There they would be more likely to accept.
In short, if at any time you are the victim of a ransomware attack or your company suffers from this problem, the main mistake is to announce that there is cyber insurance. This will make negotiations difficult and will only increase the required figure. You should always protect Windows from email ransomware, as it is a widely used method.