Why You Should Be Prepared to Pay a Ransom



Mike Tyson used to say, “Everyone has a plan until they get punched in the face.” It’s much the same with ransomware attacks: No matter how much you insist that you’d never pay a ransom, your plans go out the window the first time you see all your organization’s computers showing that “You’ve been hacked” screen.

The truth is that organizations are increasingly paying ransoms to recover their data. In fact, 70% of businesses hit by ransomware attacks wind up forking over thousands of dollars to their attackers. Even local governments have paid ransoms to regain access to vital services. No matter how much we tell one another that we’d do things differently, the reality is that when your data disappears and you start losing clients or missing deadlines, you’ll pay virtually any price to put things right.

Rather than virtue-signaling with a blanket “We never pay” statement, organizations need to be realistic about the specific circumstances in which they’d pay a ransom. If you’re a hospital and people will die if you don’t get your computers back online STAT — yes, it’s better to pay up. If you’re in a less critical field, and it’s just a question of waiting around while your backups come online, maybe you can ride it out without paying.

But either way, it’s important to be honest — with yourself, your C-suite, your directors, and other stakeholders — about how you’d respond to a successful ransomware attack. When you’re clear and pragmatic about the circumstances in which you’d pay a ransom, you can make more meaningful plans. That starts with including the cost of ransom payments — and of the fines you’ll have to pay if you give cash to cybercriminals — in your IT budget. Your CEO might not enjoy budgeting for Bitcoin transfers to hackers, but it’s better to plan ahead than to be blindsided by unanticipated costs.

 
