Why companies decide to pay hackers ransoms

Author: CNN
Publish Date: Fri, 11 Jun 2021, 10:46AM

Ransomware is a growing problem, and companies aren't making it any better by paying hackers the ransoms they're demanding.

The meat supplier JBS USA paid an $11 million ransom in response to a cyberattack that led to the shutdown of its entire US beef processing operation last week, the company said in a statement Wednesday evening. The Colonial Pipeline operator paid a similar ransom last month.

But Kevin Mandia, CEO of cybersecurity company FireEye, is sympathetic to his customers who pay ransoms. First Move's Julia Chatterley spoke to Mandia Thursday.

Are we making it worse by paying these ransoms?

Kevin Mandia: Well, nobody wants to pay a ransom, and that's the beginning for all of these. You have to look at the risk. If you are a ransomware actor, you break into health care, and you impact the devices that maintain human life, the risk calculus is different in regards of payment of ransomware than if you run another type of business. Ransomware actors are targeting specific industries and public companies, recognizing the likelihood of being paid is far higher in those industries.

Are you in favor of banning these payments?

Kevin Mandia: You know, it is tough. If you go to the extreme, if you paid the ransom, you are propagating the challenge. You make the decision it is better to pay now and derisk our patients than the risk of moving your patients out of the hospital. A ban is far more complicated when you get below the surface. I've talked to the CEOs making these decisions. It is not simple and nobody wants to pay it and nobody wants to propagate the problem but they also do not want to hurt human life.

Explain why this is happening.

Kevin Mandia: If you can commit a crime from 10,000 miles away from a safe harbor with no repercussions, you are going to take shots indefinitely. And sooner or later they're going to work. If we don't find a way to impose risks or repercussions to those launching those attacks, over time, every company is going to have to deal with one.

How do we create repercussions?

Kevin Mandia: We are an international community. The internet connected all of us and has been around since the 1980s. We got to figure out how we are going to work globally on this. If you want to be a part of the global economy, the bottom line is there are rules you have to follow. I think the answer is not just technological, it is also diplomacy. It is going to take nations banding together to figure out what we are going to do about this. Most people think it has crossed the line of toleration. The status quo is no longer tolerable.

Talk about the impact of digital currencies. These payments are not being demanded in US dollars.

Kevin Mandia: If you are an attacker and you want to monetize your hacking amendment, you hack into computers when you steal credit card data. Now you break in and you can deploy ransomware or you can steal documents and extort the feedback that you are going to publicly release private documents. So you had the anonymity of digital currency and now you can be anonymous in demanding your demand and paid it digitally. With every technological advancement, criminals figure out a way to use it. So there is no question we have to do a little catch-up now and look at digital currency and figure out how do we manage it in a way that's meaningful and prevent all the fraud that's occurring with the enabling digital currencies.

Are we winning this war or losing this war?

Kevin Mandia: I think you are fighting it every single day. Just because you read the headlines, we are certainly looking better and looking for ways for nation to respond cohesively. How do we respond as a nation? We are going to get better at this.

- text by Julia Chatterley, CNN Business