business backgrounder | industry
Held Hostage
When data is held hostage , should you pay the ransom ?
Tim Zeilman , vice president , global product owner — Cyber HSB
There are no easy answers when it comes to the question of what to do after a business becomes a victim of a cyber attack . But there are best practices that can help keep companies safe from damage .
At A Glance
Cyber criminals target businesses of all types and sizes .
60 % of small companies close their doors within six months of being hacked .
Companies may decide to pay a ransom for several reasons , but it does not always lead to a positive outcome
Two companies decide not to pay ransomware demand but result in different outcomes . One , a software company , loses nothing . The other , a university medical center , loses $ 50 million .
The cyber thieves who claimed responsibility for the attack demanded $ 70 million to restore customer information . In response , the software company ’ s security and R & D teams developed a patch that enabled the company to unencrypt the data and restore it to customers . The software company made no payment to the criminals .
A university medical center decided not to pay a ransom in 2020 , but the hospital saw a very different outcome . After many staff members reported computer access problems , the hospital ’ s IT group searched for malware and found instructions for contacting the thieves who snatched a trove of patient-related data .
48 association of washington business