SD\PHQWFDQEHIRXQGDQGWDNHQR̈LQH6RPHWLPHVWKHEDGJX\VGRLW

because they need to cover their tracks and move on to the next

nefarious campaign; other times, law enforcement takes down the

system. In either case, anyone who has been infected and not paid the

ransom can no longer get their system unlocked, even if they pay.

Second, even when the ransomware system is working as “advertised,”

there’s no incentive for the bad guys to follow through. They got the

money—mission accomplished. They don’t really gain anything from

XQORFNLQJ\RXU¿OHVH[FHSWPD\EHLQFHQWLYL]LQJ\RXWRGRLWDJDLQWKH

next time it happens.

7KLUGHYHQLI\RXJHW\RXU¿OHVXQORFNHGWKHUHPLJKWEHRWKHUGDQJHUV

awaiting you. It’s conceivable the attackers may have left some

unpleasant surprises behind or taken advantage of the confusion and

done who knows what to your system. Perhaps in addition to encrypting

\RXU¿OHVWKH\GHFLGHGWROLIWDFRS\IRUWKHPVHOYHVDQGVHOOLWRQWKH

Dark Web. Paying the ransom won’t undo that potential damage.

Last, paying the ransom will almost certainly not save you money in the

long run. After Atlanta was hit with ransomware, it had to spend $2.6

million to recover. The initial ransom was $50,000. That ransom cash is

better served to help rebuild.

I’m not one to blame victims. I have never made life-or-death decisions

in a hospital, and I’ve never tried to run a city that didn’t have the word

“Sim” in front of it. I cannot imagine the pressure legislators face when

ransomware comes knocking. They surely made the decision they

thought best.

But whenever anyone asks me about what to do if they get infected with

ransomware, I’ll always say: Don’t pay.

[email protected]

M

a

x

E

d

d

y

PC MAGAZINE DIGITAL EDITION (^) I SUBSCRIBE (^) I AUGUST 2019