Censornet Offer Comment: Refunding victims ransomware payments
March 2021 by Ed Macnair, CEO of Censornet
Given the news that a ransomware admin is refunding their victims payments, Ed Macnair, CEO of Censornet, has provided comment warning individuals of follow-up attacks:
“It’s very unusual for hackers to offer a refund after strong-arming victims into paying a ransom. Burglars don’t tend to hand back money after stealing someone’s jewellery and neither do ransomware attackers.
This offer should be treated with absolute caution, after damaging potentially thousands of organisations I’m not sure if the administrators of Ziggy ransomware will be earning the trust of anyone anytime soon. When an attacker makes an apparently kind-hearted gesture like this and asks for bank details, there’s a chance they are planning to cause more pain. Don’t fall for follow-up attacks.
Businesses should make sure they never end up in a situation where they’re paying ransoms to criminals so it’s important to make sure attackers don’t manage to get a foothold in the first place. To prevent ransomware attacks you need to have the right solutions in place in the first instance. Primarily multi-layered Email protection systems with the latest threat-intelligence should be employed, along with antivirus software that’s kept up to date so the latest threats are addressed.
Additionally, staff need to be trained to recognise a phishing email that’s designed to fool them into handing over passwords or other information which allows hackers to gain access to the network. The weakest point in your network always is and always will be human error”.