With the threat of ransomware hanging over every company’s head, does it make sense for companies to stockpile a few bitcoins in the event of a ransomware attack?
Yeah, yeah, I know the party line. You should never pay the ransomware developers as it only encourages them to continue. I am a realist, though, and sometimes there simply is no choice for a company. When ransomware locks up all your data, patient records, architectural drawings, or legal documents, an organization has to ask themselves whether it’s more important to pay the ransom or kiss their data goodbye, lose revenue, time, clients, and possibly the company itself.
With that said, Bitcoins are down in price recently due to the Bitfinex hack, but can easily start to move up again. Just last October 2015, the price of a single bitcoin was under $300 USD. This year it went as high as $758 USD, but since the Bitfinex hack, has been hovering under $600.
Paying a ransom is not an easy choice by any means and one I have not had to deal with for my own data. I have, though, worked with many companies who have emailed me for help when it comes to ransomware. I try to help them using free decryption tools, recovery tools, and backups, but if that is not an option, ultimately every one of them has decided to pay the ransom. Though it may not have been the right choice for stopping the ransomware epidemic, in their eyes it was the right choice for them.
One of the biggest problems that all of these companies faced, though, was actually getting the bitcoins. With most ransomware using a timer that gives anywhere between 3-5 days to pay the ransom before the price doubles, most companies simply do not have the time to get the bitcoins they need to pay the ransom. Even worse, sometimes they buy the right amount, but the timers runs down before they get the coins and now they have to pay double.
Unfortunately, there are no easy and quick ways to get bitcoins unless you live near a bitcoin ATM, but even these sometimes have limits of only a $1,000 worth a day. You can try LocalBitcoins, but many of the offers are ATMs, while the others require you to blindly deposit money in an account before getting bitcoins, or feel like your doing something illegal by meeting anonymous sellers in parks and cafes.
Ultimately, when people ask me where to get bitcoins, I refer them to CoinBase or Circle as both are located in the United State and are registered US financial institutions. This personally makes feel more comfortable when using them rather than many of the other ones out there that I have no idea who runs them or where they are located.
I have used CoinBase in the past, but the problem is that it can still take almost a week to acquire bitcoins. For example, on CoinBase it takes 2-3 business days to get verified and then another 2-3 days to get the bitcoins by paying through a bank account. You can typically get bitcoins a bit faster by paying with credit card, but the buy limits are much smaller, so you may not be able to buy enough coins to pay the ransom.
By the time you get these bitcoins, your ransom may have doubled to close to or over $2,000 for many of the current ransomware infections. The other issue is that new customers, for both companies, typically have weekly limits that may not be enough to cover a ransomware payment through any payment method.
With this said, companies need to take a serious look and decide if investing in a few bitcoins makes sense for them. Just like companies keep spare hardware on hand in the case of an emergency, maybe bitcoins should be treated the same way?
With the popularity of bitcoins in online criminal activities and the epidemic of ransomware, it can’t hurt to have a few bitcoins stored away. If you ultimately decide to never pay a ransom, maybe the bitcoins will go up in price and you can sell them for a profit instead.