A comment made by an FBI agent at a little-noticed cybersecurity conference in Boston last week is all of a sudden making big headlines, many of them suggesting that the FBI is telling victims of ransomware to “just pay” the ransom.
The comments by Joseph Bonavolonta, Assistant Special Agent in Charge of the Cyber and Counterintelligence Program in the FBI’s Boston office, were first reported by The Security Ledger.
What Bonavolonta supposedly said is that the encryption used by cybercrooks in the ransomware known as CryptoWall is so good that the FBI “often [advises] people just to pay the ransom.”
Here’s the exact quote:
The ransomware is that good... To be honest, we often advise people just to pay the ransom.
Bonavolonta was also quoted as saying “the easiest thing may be to just pay the ransom,” and the “overwhelming majority of institutions just pay the ransom.”
And he said: “You do get your access back” (to your files once you pay).
It’s true that CryptoWall and some other ransomware families tend to get the cryptography right, which means there is no way to undo the encryption without the decryption key, and only the crooks hold that key.
It’s also true that a lot of institutions and individuals do pay the ransom – one study in the UK suggested that up to 40% of victims of CryptoLocker – the forebear of today’s file-encrypting ransomware – paid to unlock their files.