"Why Do Ransomware Victims Pay for Data Deletion Guarantees?"

Ransomware attackers exploit victims' need to resolve situations quickly. The option to pay a ransom for a decryptor to unlock forcibly encrypted data is presented to victims. If they pay more, their name will be removed from the victim list on a ransomware group's data-leak website. If they pay even more, they receive a guarantee that any data the attackers have already stolen or leaked would be deleted instantly. Many victims will feel the urge to do something in the mistaken belief that they can preserve stolen information and repair their reputation. Criminals do not hesitate to find the means to coerce a victim into handing over money. The majority of ransomware groups' promises are false, especially if a victim cannot independently verify them. It is not uncommon for victims to pay for data erasure guarantees. In May 2020, for instance, BlackBaud, a South Carolina-based publicly traded company that provides cloud-based marketing, fundraising, and Customer Relationship Management (CRM) software used by thousands of charities, universities, healthcare organizations, and others, fell victim to a ransomware attack. Three months later, the company reported having paid the cybercriminal's ransom to protect client information. Multiple incident response groups and law firms, including those who work with insurers, monitor ransomware groups by analyzing their negotiating strategy and tendency to give working decryptors. This information can help a victim decide whether or not to pay a ransom and what they will receive in exchange. It is essential to be aware of ransomware groups and to avoid supporting the ransomware ecosystem by giving in to cybercriminals' demands. This article continues to discuss why ransomware victims tend to pay for data deletion guarantees. 

DataBreachToday reports "Why Do Ransomware Victims Pay for Data Deletion Guarantees?"