December 28, 2018
Ransomware: could paying the ransom be illegal?
In some cases, the answer is a resounding yes. It all depends on who’s holding your data hostage.
According to a November 2018 press release by the U.S. Treasury Department, if the payee of a ransomware demand turns out to be someone the government is pursuing action against, then paying a ransom for your data may enable “Iranian cyber actors to profit from extorting digital ransom payments from their victims.”
The release identified two Iran-based cyber criminals who targeted over 200 victims with the SamSam ransomware scheme. As Treasury investigators analyzed the digital currency addresses associated with the two men, they discovered over 7,000 transactions in bitcoin, worth millions of U.S. dollars.
It’s bad enough to be forced to pay ransom to recover your own data. Knowing your payment might support organizations friendly to terrorists makes it that much worse, and might even make the payment illegal and prohibited by the U.S. government.
While no business is invulnerable to attack by hackers, you can improve your odds by putting in safeguards. Tools like firewalls and endpoint protection reduce your chances of intrusion. Also, automated backup solutions give you something to fall back on in case someone in your organization inadvertently lets something through. In that event, you just restore from a backup and get back to work.
As with all cyber threats, it’s better to be proactive about ransomware, from both a protection and a prevention standpoint. The potential legality issue serves as just a little extra incentive!
To read the full release from the Treasury Department, click the link below.