Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Don't pay ransoms. But if you must, here's where to buy the Bitcoins

Maria Korolov | April 5, 2017
If you're hit by ransomware and you have to pay the ransom -- what do you do?

Credit: REUTERS/Jim Urquhart

Ransomware grew into a $1 billion industry last year, and ransom payments now account for nearly 10 percent of the entire Bitcoin economy.

Avoiding becoming part of that statistic requires good endpoint security and effective backups. But what if your defenses fail, your backups are inadequate, all attempts to restore the data fail, and you have to pay the ransom after all -- what do you do?

First of all, get the ball rolling on improving your security. Second, if the ransomware includes a recommendation for where to buy the Bitcoins, take it with a grain of salt. These guys are, after all, criminals. They might steer you wrong.

Instead, go to a reputable exchange.

Several experts recommended Coinbase. It's the largest Bitcoin company and received a license from the New York Department of Financial Services earlier this year. That means it has met the state's consumer protection and cybersecurity standards.

"Coinbase is also the only exchange that is insured," said Konstantinos Karagiannis, CTO of the security consulting practice at BT Americas. "They have Lloyds of London."

It also has low transaction fees and is easy to use, he added.

"That's what I recommend for newbies," he said. "Coinbase is the most user-friendly and safest way to get Bitcoin."

"But if you lose your password, they're not going to cover you," he warned.

Rick Holland, vice president of strategy at London-based Digital Shadows, also recommended Coinbase, but added that transactions can sometimes take up to four days.

"When dealing with a ransomware payment, however, time might be critical, so you need to find an exchange that transfers Bitcoin into your account quickly," he said, recommending the Bitcoin broker Local Bitcoins.

For more exchanges, check out the list of recommendations at, said Israel Barak, CISO and incident response director at Cybereason.

"There are plenty of reputable sources there," he said.

Barak said that he's used several Bitcoin exchanges, including Coinbase, Bitpay, and Coingate, and they've delivered on their premises.

In addition, some vendors may also offer Bitcoin-related services, said Barak, if one of their clients needs to pay a ransom in a hurry.


Stock up in advance

If you think there's a chance that your company will be hit and that you might have to pay a ransom, it might make sense to set up your Bitcoin account ahead of time and go through the exchange's authentication system, and maybe even buy some Bitcoins to keep in reserve.

This is particularly important for companies that don't have an emergency procurement process, said Barak.


1  2  3  4  Next Page 

Sign up for Computerworld eNewsletters.