Jul 2, 2019

Choice to pay ransomware might be simpler than you'd think

Illustration: Aïda Amer/Axios

The conventional wisdom about ransomware is that when local governments pay the ransom, it encourages more criminals to launch more attacks. But that's not necessarily the case, experts say.

Between the lines: The costs of recovering from a ransomware attack are often greater than the cost of the ransom.

Background: The victims of ransomware attacks are typically targets of opportunity, and cities generally aren't the primary targets. Corporations are — and they often pay up.

  • "The fact is, paying a ransom does not create a market," said Forrester Research's Josh Zelonis. "There already is a market."

By the numbers: Riviera Beach and Lake City, Florida, paid a combined $1.1 million in ransom over about a week in June.

  • Meanwhile, Atlanta spent $17 million restoring systems rather than pay a $50,000 ransom last year.
  • Baltimore is likely to spend $10 million restoring its own systems refusing to pay a $75,000 ransom this year. The disruption to its city services may cost another $8 million.

The intrigue: For some cities, the best response might be to pay the ransom, then use the millions of dollars that would have been spent on recovery to strengthen cyber defenses before the next attack.

  • "If you don't learn from the past, you will end up being ransomed again," said Deborah Golden, the new head of Deloitte's cyber consultancy.
  • Whether a city pays, doesn't pay or has yet to be attacked, prevention will often save money.

What's next: Regardless of the decision a city might make, Golden said, it's important to game plan what will happen in a ransomware attack.

  • In some cases, that might mean developing non-digital alternatives to the services that may be put on hold during an attack. "Is there a way to do something manually in the time it takes to set up the automation again?" she asked.

Go deeper

Coronavirus cases rise, as more Americans on cruise confirmed ill

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's NHC; Note: China refers to mainland China and the Diamond Princess is the cruise ship offshore Yokohama, Japan. Map: Danielle Alberti/Axios

A U.S. public health official confirms more than 40 Americans on the Diamond Princess cruise ship off Japan have coronavirus, while the remaining U.S. citizens without symptoms are being evacuated.

The big picture: COVID-19 has now killed at least 1,770 people and infected almost 70,000 others. Most cases and all but five of the deaths have occurred in mainland China. Taiwan confirmed its first death on Sunday, per multiple reports, in a 61-year-old man with underlying health conditions. Health officials were investigating how he became ill.

Go deeperArrowUpdated 2 hours ago - Health

Scoop: Inside the Trump campaign's big hedge on Facebook

Illustration: Eniola Odetunde/Axios

The Trump campaign has invested most of its advertising budget to date on Facebook, testing thousands of versions of ads per day to maximize its spending.

But behind the scenes, a source familiar with the campaign tells Axios, the thinking has shifted: "As everyone can see, we still have strong spending on Facebook, but the percentage of our total media budget [on Facebook] is shrinking."

Trump's revenge tour has the House in its sights

Illustration: Aïda Amer/Axios. Photo: Saul Loeb/Getty Contributor

In the lead-up to the 2018 midterm elections — buoyed by Republican control of both chambers — President Trump viewed campaigning for the House as a lower-tier priority and instead poured his energy into rallying for the Senate.

But after the GOP reckoning in 2018, and experiencing firsthand how damaging a Democratic-led House has been to him, Trump is now personally invested in helping Republicans regain the majority in November, several people familiar with his thinking tell Axios.