If You Pay a Hacker Ransom Money, You’re Still Gonna Have a Bad Time

b2ap3_thumbnail_DDos_ProtonMail_400.jpgA recent trend in cybersecurity is the omnipresent threat of ransomware and distributed denial of service attacks (see FBI alert dated 6/23/15). With hackers out to get you and your business, you need to stay updated on how to take the fight to these extortion masters. Unfortunately, victims who have become targets of ransomware, DDoS attacks, and other kinds of threatening hacker activity, often feel that “paying the piper” is the best way to resolve the issue. Well, we have news for you: it isn’t.

Ransomware and DDoS attacks are finding themselves increasingly more popular in the cyber world. The idea is that hackers can use DDoS attacks to take down an organization's infrastructure, rendering it inoperable until the attack subsides. In the meantime, hackers make offers to the target, demanding a certain amount of cash for the attack to stop. In theory, paying the ransom should end the assault and allow for a swift recovery of service. But what happens when the target coughs up the change, and the hackers continue the attack anyway?

This is a question that organizations absolutely need to consider before giving into any hackers’ demands. Even if you pay up, there’s absolutely no guarantee that the attack won’t continue to happen anyway. That’s just not how the real world works. In many cases, you’re dealing with seasoned criminals who want to see you squirm for no reason. For all you know, the ransom could just be adding insult to injury. In a worst-case scenario, hackers will accept your payment and continue the attack anyway, elated at the suffering they are causing.

This was the case with ProtonMail, an encrypted email service based out of Switzerland, that fell victim to a massive DDoS attack on November 3rd. ProtonMail was initially threatened by a group of hackers called the Armada Collective, but they shrugged off the threat, thinking it no cause for concern. Its servers were overloaded with so much traffic that operations ground to a halt, to the point where even real messages were incapable of being delivered.

As reported by ZDNet:

The encryption service says the assault reached 100Gbps and not only attacked the ProtonMail datacenter but routers in Zurich, Frankfurt and other locations linked to the ISP -- eventually bringing down the data center and ISP. This not only took down ProtonMail, but other companies were affected, too.

Supposedly, ProtonMail only paid up the $6,000 ransom due to the others affected by the attack, but either way, the attack didn’t let up. Their noble sacrifice was for nothing, and that’s $6,000 that can’t be taken back; that’s without mentioning the cost of the downtime caused by the attack. Basically, we recommend that you don’t take action or give in to hackers’ demands until you’re absolutely sure that there’s no way around the issue. Contact White Mountain IT Services, your trusted technology consultant, before making such a decision.

When it comes to attacks like these, be it from ransomware or the threat of DDoS attacks, it’s best to always take preventative measures before these issues take root and grow into true problems. One of the most important first steps is to institute a security awareness training program for your staff. 

A good starting point is to review the free downloadWhite Mountain Crypto Alert and the Cyber Security Toolkit, which is full of links to free tools and software to help keep your network safe.

For more information about how your business can take the fight to criminals, give White Mountain IT Services a call at 603-889-0800.

Related Articles

  • Tech Term: What are Proxy Servers? While proxy server is a tech term that is frequently cited, it is not understood by a vast majority of people. Today we will describe what a proxy server is, and why organizations like yours use them. What is a Proxy Server? Simply put, a proxy server is a computer that acts as an intermediary be...
  • Tip of the Week: Awareness is Key to Mobile Device Security With more and more businesses relying on mobile devices for their business they have to be sure that the use of these devices doesn’t present security issues for the company. With all that is happening in business computing today, finding out how you can protect yourself in lieu of the prevalence sm...
  • Tip of the Week: 3 Ways to a Faster Boot Time Your time is valuable, so you don’t have time to waste on waiting for your Windows operating system to boot up. In the interest of saving time, today’s tip will go over three ways to speed up your Windows 10 boot time. Of course, you should always check with IT to make sure it is okay before you ...
  • Would You Fall for this Adult Scam if You Saw an Old Passwor... As you may expect, the average Internet scammer isn’t above resorting to dirty tricks to claim their ill-gotten prize from their victims. A recent scam demonstrates just how dirty these tricks can truly be, and unfortunately, how ill-prepared many are to handle them. To preface this scam, we need...
  • 4 Internal Threats Every Business Owner Should Understand In light of all the data leaks and vulnerabilities that have been brought to light over the past few years, network security has to be a priority for every business. One problem many organizations have is that while they are protecting their network and infrastructure from threats outside their comp...
  • Is It Safe to Have Your Browser Remember Your Passwords? Let’s be honest - not all of us have the best memories. This makes the ability for many browsers to remember our passwords seem like a godsend. However, is this capability actually a good thing for your cybersecurity? The answer may not surprise you. Nope! While yes, the fact that we no longer ha...
With the surge in the number of small and medium businesses that have fallen prey to malware and cyber criminals, there is a lot of focus of what an organization can do to prevent being a victim and how the company should handle themselves after an attack. There is another key factor to preventing cyber criminals from penetrating into your network:...

- Onsite Service Coverage Area -

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH and then down into Boston. From Northern and Central Mass we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.



White Mountain IT Services
33 Main Street Suite 302
Nashua, New Hampshire 03064


 padlock1  Cyber Security Toolkit

cloud desktop2 Cloud Desktop Login

Open Positions