Garmin reportedly paid cyber extortionists millions of dollars for access to a decryptor so that the company could restore its services to customers following a July 23 WastedLocker ransomware attack. Meanwhile, a separate ransomware outfit this week reportedly leaked sensitive data lifted from LG and Xerox’s internal networks after attempted negotiations with the two tech companies apparently did not bear any fruit.
Which leads to the question: Who made out better in the short term and the long term, Garmin or LG and Xerox? Does it make more business sense to pay a high financial price now to avoid exacerbating the crisis, or to not pay but then suffer for perhaps months and years to come due to loss of proprietary data and a damaged reputation? The answer to that might depend on your personal point of view, and how closely you adhere to the recommendations of federal law enforcement officials, who advise to not pay.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.