Comment by meowface
10 years ago
Ransomware is a different scenario. With ransomware, if you have no backups and absolutely need your files back, paying the ransom is the only sane option. Of course, this can easily be prevented by taking frequent backups.
With a DDoS, there are almost no advantages to paying the ransom. Much better to spend the money on DDoS mitigation instead, to help now and in the future.
Also, the FBI wasn't making an official statement. It was just an off-hand remark from an agent, recommending technically ignorant people who desperately want their files back to pay the ransom.
In fact, backups are not enough. They have to be offline backups, which raises the bar quite a bit. Backing up to a network drive doesn't even help, and I am not aware of any widely used "write once-only" network drive capabilities.
Back up to an external hard drive that you only leave connected during the backup, or a cloud service (ransomware could theoretically target these but so far has not), or do a "pull-style" backup where the machine doesn't have write access to the backup location.
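Added example (not from any commenter in this thread) of the pull-style, versioned backup described above: the backup host copies from the source, each run lands in its own dated snapshot directory, and a mass-rewrite check refuses to prune old snapshots when most files changed at once. The directory layout and the 50% threshold are assumptions for illustration.

```python
"""Pull-style versioned backup: the backup host reads from the source; the
source never holds write access to the store, and every run lands in its own
snapshot directory. Unchanged files are hard-linked to the previous snapshot,
so a source rewritten by ransomware cannot touch earlier copies."""
import hashlib
import os
import shutil
from pathlib import Path


def _sha256(path: Path) -> str:
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()


def snapshot(source: Path, store: Path, stamp: str) -> dict:
    """Pull one snapshot of `source` into store/<stamp>.
    Returns counts of files copied (new/changed) vs. hard-linked (unchanged)."""
    snaps = sorted(p for p in store.iterdir() if p.is_dir()) if store.exists() else []
    prev = snaps[-1] if snaps else None
    dest = store / stamp
    stats = {"changed": 0, "linked": 0}
    for src in source.rglob("*"):
        if not src.is_file():
            continue
        rel = src.relative_to(source)
        target = dest / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        old = prev / rel if prev else None
        if old is not None and old.is_file() and _sha256(old) == _sha256(src):
            os.link(old, target)       # identical content: share the inode, no new space
            stats["linked"] += 1
        else:
            shutil.copy2(src, target)  # new or modified content: fresh copy
            stats["changed"] += 1
    return stats


def safe_to_prune(stats: dict, max_changed_ratio: float = 0.5) -> bool:
    """A run where most files changed looks like mass encryption (assumed 50%
    threshold); keep every older snapshot until a human has looked at it."""
    total = stats["changed"] + stats["linked"]
    return total > 0 and stats["changed"] / total <= max_changed_ratio
```

Snapshots are never edited in place (hard links would propagate such an edit), and the store itself must stay unreachable from the source host for the scheme to hold.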
Agreed. The difference is that with ransomware the act has already been done. You can think of it as negotiating with kidnappers vs. paying off the mob to not rough up your shop.
Exactly, that's a perfect analogy. If someone kidnapped your child, paying the ransom isn't such a bad idea.