Lakeside House, Quarry Lane, Chichester PO19 8NY

Should you pay a ransom demand?

 At LMS Group we take cyber security extremely seriously, making sure that our clients are fully protected against cyber attacks and ransomware. Whilst we hope that by protecting our clients, they would never have to make this kind of decision, it is important to know the pros and cons in case the worse was to happen.

Picture this…you come into work on Monday and open up your laptop to find it infected with ransomware. The only way to gain access is to pay the ransom. Would you pay the ransom or risk losing everything?


Let’s look at the options and risks when it comes to making your decision.

Pros of paying the ransom

  • You can get your files back quicker.
    • A ransom attack can cause so much downtime throughout the business, and organisations simply can’t be interrupted for an extended period of time. Paying what can usually be a relatively small amount to get past the ransomware is extremely appealing and lets the company get back to normal immediately.
  • The ransom demand can be cheaper.
    • If you don’t pay the ransom, you might find the business will need to spend hundreds of thousands, if not millions retrieving the lost data. The money trying to get back up and running could then end up costing more than the ransom.

Pros of not paying the ransom

  • No guarantee you will get your data back.
    • It’s essential that you remember that the people behind the ransomware are criminals and want to profit off your misfortune. With that in mind, how do you know the cybercriminals will release your data once you’ve paid?
  • Cybercriminals will likely ask for more money.
    • You decide to pay the money and transfer that over to the attacker. What happens now? Well, more often than not they will ask for more money because they know that you are probably going to pay. This could then escalate into the business paying thousands of pounds and potentially not being able to recover.
  • You will be marked as a target and may get repeatedly attacked.
    • Once you’ve paid your attacker, there’s no doubt you will be marked as an easy target. This means that the days and months after, your business will be highly vulnerable. So, unless you have a new cyber security protection plan in place, you may be targeted again.
  • You enable ransomware crime to continue.
    • If you pay the ransom, it entices other criminals to get involved and target other organisations. Getting involved in ransomware will be seen as a lucrative activity and will fund other illicit activity.
  • You won’t learn your lesson.
    • If you just pay the ransom, you won’t feel the full effect or pain of a prolonged outage and the high costs of recovery. Not going through this will mean you aren’t motivated to implement cyber security improvements to the environment, leading to further attacks on your company.

To make sure you don’t even have to decide whether or not to pay the ransom, you should implement a robust cyber security plan that will protect your business and employees moving forward. Get in touch via the form below for a free cyber security audit or speak to one of our experts.

Visit LMS Group HQ