One of the ongoing debates amongst cybersecurity experts is whether or not victims should pay a ransom when attacked. Some argue for paying it, so as to minimize disruption in business service and potential data breaches. Others recommend holding out so as to disincentivize attackers from continuing this trend. The one constant is that without a defined action plan, ransomware attacks will continue to scale.
Axio’s Dave White was reached out to for comment in this article in the particular case of the Kaseya attack. He recommends that Kaseya reimburse individually attacked companies for any and all associated impacts of the attack, including ransom payments companies may make. He believes it would cost far less than paying the full ransom as some companies may recover on their own, and he also notes that REvil in particular is known to demand a second payment or release data meant to be destroyed, further validating the decision not to cooperate with them.