LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

Why It May Be Illegal to Pay Ransomware and Why a Ban on Payments Won't Work

If your organization’s data is being held for ransom by hackers, should you pay up?  The universal consensus is that you shouldn’t because it encourages criminals.  But an earlier question needs to be: is it legal to pay?

The answer is not as straightforward as you might assume.  Let’s assume your company’s servers are locked up by thieves and although you don’t want to pay, you decide you have no choice.

How are you making that payment?  Depending on who’s involved – say, a US-based exchange – they could get in trouble for handling the payment.  After all, those Know Your Customer (KYC) laws are there for a reason.  You could not call up Bank of America or Barclays and say “I would like to wire $10 million to a gang of thieves in North Korea.”

Where are you sending that payment to?  If you’re in the US and the hackers are in North Korea, you may be violating sanctions.  Sanctions typically don’t say “no trading but you can wire money to bad actors in that country if you need to”.  It sucks that hackers can break into your country and lock up your data, but it’s still a crime if you violate sanctions.

Of course, the criminals don’t care.  Their attitude is “we’re criminals already.  You can join us in the underworld and pay up.  What’s that?  You have regulatory challenges?  Sounds like your problem.  Tick tock, tick tock.”

This also explains why bans on payments will never work.  You could add a dozen laws and people who operate outside the law will not care.

The best policy is to have a robust, reliable, resilient backup solution in place.  Robust in the sense that it covers everything in your environment – everything needed to restore what you need with an “everything included, specific exclusions” policy instead of the opposite.  Reliable meaning that your backups work and they are regularly stored.  If you need something from last Wednesday at 2:14pm, you know it’s there.  And resilient because they are immune to attack – someone who breaks into your network cannot nuke your backups on their way out.

I just made up those 3 Rs but they sound pretty good.

 

 

 
