US Led Coalition Vows to not pay Hackers’ Ransom Demands

We shall see if this really works, but if it REDUCES payments, that will be good.

A joint pledge was announced at the third annual International Counter Ransomware Initiative or CRI. The CRI includes 48 countries, the EU and Interpol.

Anne Neuberger described the situation saying that dozens of GOVERNMENTS signed a policy statement saying that those GOVERNMENTS would not pay ransoms. We will see what happens when they actually get hit by an attack and their government agencies grind to a halt.

The pledge does not stop private companies from paying ransoms and many do (see below).

Blockchain analytics shows at least $449 million in ransom paid on the blockchain just during the first six months of this year.

This is still a work in progress as not ALL 48 members of the coalition have signed the pledge.

Credit: Tech Crunch

In the MGM attack, guests waited hours just to check in; restaurants had to handle orders on paper and ATMs didn’t work. What is a company to do in that case? MGM decided not to pay and was in the headlines for weeks. It said the attack cost them $100 million in lost revenue. Caesars paid the ransom, estimated to be $15-$30 million, and was back online quickly.

Of course, just because you pay does not mean that the hackers are gone and did not leave any hooks behind.

Cyberreason says that 80 percent of victims who paid the ransom were hit by a second attack and 68 percent said that second attack came less than a month later – with a demand for a higher ransom.

In addition, if the attacker is on the government’s sanctions list, you could also have to pay off the government and/or face criminal charges.

Credit: Techcrunch

Your best bet is to harden your defenses. If you need help with that, please contact us

by