The International Business Times recently ran an article about how some institutions in the United Kingdom, including banks, are stockpiling bitcoin so they are prepared to pay a ransom if they experience a ransomware attack. That’s not a very smart approach. Although some hackers might play fair and release their grip on your network, most can’t be trusted. Just suppose you pay the ransom but they still keep your data. Or the hackers might attack your network with ransomware, or with a ransomware attack coupled with a distributed denial-of-service (DDoS) attack (RDoS). In that case you’ll not only have suffered downtime or loss of data, you’ll also have lost money.
Even if the hackers give you back the keys to your data and network sovereignty, you’ve made a mistake that is costly in the long run. Your organization will be more vulnerable than before because those same hackers are more likely to attack you again. After all, they figure it worked the first time, so why not try again? Also, word might spread on the Dark Web that your company (or others like it) was willing to pay the ransom. It’s not a good idea to reward bad behavior. Some organizations are reluctant to report such extortion to watchdog or enforcement agencies, but extortion is a crime and should be reported. Alas, the world is not ideal, and some organizations would rather negotiate with cyber hackers than report a cybercrime.