Do Not Pay Ransomware – A Lesson for Municipalities

Do Not Pay Ransomware – A Lesson for Municipalities

Remember how cybersecurity professionals were telling municipalities not to pay ransomware extortion as it would reinforce and embolden future attacks specifically against their sector? Well, it appears that over 20 government agencies throughout Texas have been hit with ransomware in a coordinated attack.

I cannot emphasize enough that if you satisfy the cyber criminal’s objectives of financial gain today, they will come back tomorrow with more enthusiasm, focus, resources (thanks to you), and greed.  

Just like scammers who find a class of easy victims, they then target them in the future. 

Paying ransoms may seem like a quick and short-term fix, but doing so is corrosive over time to the entire peer group and it does not even guarantee all the files will be restored. 

Many attackers leave backdoors so they can come back later and do it again. It makes perfect sense when you have a victim willing to pay.

Let me put it another way. Imagine everyone is floating in the ocean when a shark comes by. Having an unprepared person panic and throw food at it may get it to eat the chum and temporarily swim away, but the end result is a school of sharks will appear and begin preparing for a meal. That puts everyone on the menu and in serious danger.

So again, I will say unequivocally that, ransomware extortion should NOT be paid.  Don't chum the waters! The best protection from ransomware involves being prepared before you are attacked. If you have failed to prepare, then the next best solution is to burn it all down, rebuild everything, and restore the data you can. It is the only way to be sure the attackers have not left anything nasty behind

Some of my colleagues will say otherwise, but they are often only looking at the ROI of that one organization which is impacted at the moment and not the strategic picture of the whole community. I am happy to argue and debate with them about what is best for the long-term health of our shared digital ecosystem. 

Paying criminals only creates a bigger and more powerful problem.

Share this article

Leave your comments

Post comment as a guest

terms and condition.
  • Liam Harwood

    If you forget them once, they will come back to you several times to hurt you

  • Rick Stead

    Even calling 911 won't be enough to stop them

  • Oliver Murphy

    Protect yourself from hackers and don't even reply to them even under threat

  • Dave William

    Never cooperate with criminals !!

  • Marlon Utlang

    Don't pay !!! Don't pay !! Don't pay !!!

  • Ryan Hill

    Well stated

Share this article

Matthew Rosenquist 

Cybersecurity Expert

Matthew Rosenquist is an industry-recognized pragmatic, passionate, and innovative strategic security expert with 28 years of experience. He thrives in challenging cybersecurity environments and in the face of ever shifting threats. A leader in identifying opportunities, driving industry change, and building mature security organizations, Matthew delivers capabilities for sustainable security postures. He has experience in protecting billions of dollars of corporate assets, consulting across industry verticals, understanding current and emerging risks, communicating opportunities, forging internal cooperation and executive buy-in, and developing practical strategies. Matthew is a trusted advisor, security expert, and evangelist for academia, businesses, and governments around the world. A public advocate for best-practices, and communicating the risks and opportunities emerging in cybersecurity. He delivers engaging keynotes, speeches, interviews, and consulting sessions at conferences and to audiences around the globe. He has attracted a large social following of security peers, is an active member on advisory boards, and quoted in news, magazines, and books. Matthew is a recognized industry expert, speaker, and leader who enjoys the pursuit of achieving optimal cybersecurity. Matthew Rosenquist is experienced in building world class teams and capabilities, managing security operations, evangelizing best-practices to the market, developing security products, and improving corporate security services. 

Cookies user prefences
We use cookies to ensure you to get the best experience on our website. If you decline the use of cookies, this website may not function as expected.
Accept all
Decline all
Read more
Tools used to analyze the data to measure the effectiveness of a website and to understand how it works.
Google Analytics