The global ransomware crisis was big news this month, not just because of its size and reach – but because of the victims. This wasn’t a calculated attack on a company that should have better systems in place, or a government with a chequered moral past, but instead an indiscriminate, worldwide attack. It affected local authorities, the NHS and private computers in equal measure.
Though these victims may not appear to be big targets ripe for extortion, they’re actually some of the easiest prey for attackers. After all, their limited tech knowledge means they’re more likely to inadvertently download the software in the first place, then also less able to fix the problem themselves. As such, these groups may well be the most willing to cough up a ransom.
So if the worst has come to worst and you’ve been hit by WannaCrypt, should you pay the fee?
The short answer is “no”.
Though the typical figure of around £300 may seem like a price worth paying for irreplaceable images or documents, the fact remains that paying up is unlikely to get them back anyway. Unsurprisingly, those cybercriminals are not always the most trustworthy of individuals and although the ransomware might promise users the necessary tools and decryption keys, the reality isn’t always quite so clean cut.
As cyber security expert Matthew Hickey told the BBC, “a manual human operator must activate decryption.” Therefore, even if they have the best of intentions, a simple error could result in the files being lost forever. However, even this is giving these cyber criminals more honour than is probably wise. After all, once the ransom has been paid they have no real need (nor obligation) to dutifully keep to their word.
If all that wasn’t enough, researchers looking into the WannaCrypt software have found it’s coded rather sloppily. If this negligence runs throughout the whole operation, it’s unlikely the system even has a viable way of decrypting files – meaning that encrypted files are as good as destroyed from the very beginning.
So though it may be small comfort for those affected, it may be preferable to write off those encrypted files altogether, as trying to get them back would likely be a fool’s errand (and a costly one at that). Instead, use this as a lesson for getting a strong backup. After all, ransomware hackers have no power over users when their files are saved in more than one place.