Companies are being held to ransom. Should they pay up to get back online?
A devastating ransomware attack on a critical fuel pipeline in the United States has highlighted the growing threat that cyber criminals pose to the world's largest corporations and strategic infrastructure.
It also raises a thorny question: should companies held to ransom yield to extortionists or resist making payments? Often it's a choice between regaining access to IT systems for a fee so that operations can be restored, or running the risk of continued disruption that could have huge repercussions for employees, shareholders, customers, the economy and even national security.
In the case of Colonial Pipeline, which has yet to fully restore its operations, a lot is at stake. The pipeline delivers nearly half the diesel and gasoline consumed on the East Coast, and it provides jet fuel to major airports, many of which hold limited supplies on site. A growing number of gas stations are without fuel as anxious drivers rush to fill their tanks and American Airlines has been forced to add fuel stops on a couple of longer routes.
But paying the attackers risks encouraging even more ransomware assaults by demonstrating just how lucrative the business model can be. The FBI confirmed on Monday that the pipeline hackers are a criminal group originating in Russia named DarkSide.