Choosing whether to pay ransom isn’t a moral or ethical decision. It is always a business decision based on risk reduction and protecting the interests of an organization’s customers, employees and key stakeholders.
Hive ransomware, one of the biggest ransomware-as-a-service (RaaS) strains circulating since 2021, has at this point brought in $100 million in ransom payments and the total victim count is at least 1,300 organizations.
Medibank has opted to ignore demands for ransom payments for the recent data breach of about 9.7 million health data records. Criminals have published a fraction of the stolen data on the dark web, including those of high-profile politicians.
NSA director of cybersecurity says ransom payments are more difficult to process due to lack of access to assorted banking options, and inability to purchase necessary technology to set up the infrastructure for new ransomware campaigns.
