In recent years, South Africa has experienced several high-profile cases of ransomware, affecting both public utilities and private enterprises. Unfortunately, these cyber attacks do not discriminate and can impact organisations of any type or size. Shockingly, in 2022, more than half of South African businesses fell victim to ransomware attacks and statistics indicate a worrying trend of increasing criminal activity in the future.
To avoid the damaging consequences of a ransomware attack, both small and large businesses must implement robust protection measures. Without adequate security measures in place, organisations run the risk of being forced to decide whether or not to pay a ransom to recover stolen data.
Should companies pay ransom to hackers?
Paying ransom for stolen data is generally not recommended. Cyber security professionals advise against giving in to hackers’ demands as it can encourage cyber criminals to continue their illegal activities and may not result in the safe return of stolen data. Even if the ransom is paid, there is no guarantee that the attackers will return the stolen data or provide the decryption key needed to unlock encrypted information.
Even in cases where hackers provide a decryption key, the damage caused may be irreversible. The hackers’ primary goal is to get money and once the funds have been received, the criminals are not highly motivated to assist the organisation in recovering lost or corrupted data.
Paying ransom funds to criminal groups
Paying a ransom can result in an organisation becoming a target for future attacks, as attackers may view them as a profitable entity with a guaranteed payout. When organisations give in to ransom demands, it can give the impression that they are willing to pay and unintentionally encourage attackers to continue their illegal activities which raises ethical and legal concerns.
Furthermore, paying a ransom is against the Corruption Act in South Africa, making it illegal to pay for the release of ships, cargo or individuals. In addition to violating local laws and regulations, paying ransom could potentially damage the reputation of a company. Customers may become concerned about the security of their personal information and choose to take their business elsewhere.
South African organisations refuse to pay ransom
In recent years, there have been multiple reported incidents of South African companies falling victim to ransomware attacks. One such case occurred in July 2019 when the City of Johannesburg was targeted by a ransomware attack that encrypted its systems and demanded a ransom of four bitcoins (worth approximately R500 000).
A few months later, the city experienced a second ransomware attack that resulted in extended power outages for many residents. However, instead of giving in to the ransom demands, the city relied on its backup systems to regain control of its digital infrastructure.
Similarly, the ransomware attack against Transnet in July 2021 caused a disruption of essential services. However, the state-owned freight and logistics company refused to pay the ransom and was ultimately able to restore its systems without conceding to the hackers’ demands.
Rather than paying a ransom, it is advisable for organisations to concentrate on preventive measures such as regular data backups, implementing robust cybersecurity measures and educating employees on the best cybersecurity practices. If data is stolen or encrypted, companies ought to report the incident to law enforcement and seek the aid of cyber security specialists to recover the data and avoid future incidents.
___
Expand your horizons by consuming knowledge and improving your skills. We share ways to grow your business, educate yourself and acquire the necessary skills to succeed.
Follow us on Facebook, Instagram and Pinterest for more articles, videos and content to keep you inspired.
Mobimeme offers content marketing, SEO, analytics, social media management and expert direction in the digital sphere. Building and growing online audiences for your business is what we do best. Get in touch with us to find out more about our package offerings and how you can improve your website and following.