When should I pay ransomware?
The first step when considering the pros and cons of paying ransomware is to check if there are any backups of the infected files. If there are no alternative ransomware recovery methods and the data is crucial, it becomes a business decision to see if paying is right for you and your company.
The FBI does not encourage paying the ransom as a first resort. However, they do acknowledge paying the ransom may be the last resort option that organizations explore. Under U.S. law, paying ransomware is legal unless the payment is sanctioned.
Following sanction compliance standards outlined by the Cyber-Related Sanctions Program and enforced by the Office of Foreign Assets Control (OFAC) you can ensure ransom payments do not end up in the hands of nefarious threat actors.
Learn more about ransomware risks, costs, prevention and recovery.