Ransomware: Questions to ask before paying a ransom

Published on Mon, 21/06/2021 - 11:42

Control Risks raises some key issues for victims of ransomware to consider before paying out a ransom.

Large companies are being hit by ransomware and, according to some recent reports, specifically targeted for their perceived ability to pay a ransom.

Airmic News asks Control Risks: are there some basic questions that companies should ask themselves before paying a ransom, to decide how to act if or when such an event hits them?

“Good practice is always to seek legal advice regarding jurisdictional differences in responding to incidents.

“This should include advice on legality of payments and the due diligence required as well as regulatory and client notification requirements.

“From the outset, victims of cyber extortions should ask themselves the following questions:

  • What data may have been exposed during this attack considering the timeframes of access?
  • How do we recover from this position and what are the dependencies (e.g. working back-ups, clean infrastructure, comfort that the attackers are no longer on the network)?
  • Do we need to engage external technical, communications or legal support to advise us through this issue?
  • What could the worst case scenario be and how should we escalate internally to get ahead of the crisis?”

About Control Risks

Control Risks is a specialist risk consultancy. We are committed to helping our clients build organisations that are secure, compliant and resilient in an age of ever-changing risk and connectivity.