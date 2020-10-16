All the computers in your company have been hijacked and you cannot access them. The company is blocked. You are being the victim of a cyber attack ransomware. The hackers They ask for a ransom to free their equipment. Would you pay? Another wave of cyberattacks on large companies around the world has returned to the table this week the debate on whether it is ethical to pay these criminals. The answer is complicated. Let’s put another case. The hackers they attack a hospital where dozens of emergency people attend and a good number of patients await important operations. Would you pay?

It’s not easy to make decisions after a cyber attack, computer security experts acknowledge. However, most recommend not giving in to blackmail. “That feeds the possibilities that another will be carried out,” emphasizes Vicente Díaz, an analyst at Kaspersky Lab, the Russian cybersecurity giant, which emphasizes the importance of “cutting off the business” of cyberattacks. This type of aggression has become a flourishing industry thanks to the fact that there are not a few who give in to blackmail.

Kaspersky estimates that more than a third of the Spanish victims of this type of cyberattack –Spain registered 115,000 cyber attacks in 2016, double the previous year — they yielded to blackmail. The data is similar throughout Europe. The victims of this growing crime industry are not just companies, administrations or important infrastructures; also individuals. For cybercriminals, creating the virus to hijack a computer involves minimal effort compared to the benefits that can be obtained, in the form, for example, of cryptocurrency bitcoin. Paying does not guarantee anything, insists Miguel Ángel Rojo, CEO of the fraud analysis and intelligence company on-line GoNetFPI. The economic is not always the true motive for these attacks. Those this week, for example, what they sought was to create chaos and paralysis in companies, especially in Ukraine, where it originated. In addition, recovering the funds is almost impossible: “We are talking about digital money that can be moved countless times, which makes its tracking and recovery difficult,” explains César Cerrudo, from IOActive in Argentina.

Antonio Ramos, director of LEET Security, recognizes that deciding what to do in a cyber attack ransomware it’s complicated. “The first answer must always be not to pay,” he says, “but to adopt this position you have to be sure that you are prepared for this type of situation, that is, you have previously worked to improve your level of protection; if, on the contrary, we have not done anything and we face an interruption of the activity that could mean the cessation of our organization, we will be facing a dilemma that is difficult to solve ”. One may be to turn to the No More Ransom initiative, launched by Europol, the Dutch police, and cybersecurity companies Kaspersky Lab and Intel Security. The project helps victims to get their data back without paying a ransom. In two months they have helped more than 2,500 attacked to decrypt their data.