When pressed at the Cyber Security Summit in Boston last year, an assistant special agent in charge of the FBI's Cyber and Counterintelligence Program explained that the bureau generally recommends organizations hit with ransomware that need to get their files back are often advised to pay up, because there is usually no alternative to doing so. However, in response to a letter from a U.S. Senate committee, the FBI recently changed its tune, reports Softpedia.
The official stance, which may not be of much help to hospitals and other organizations facing this emerging threat, is now: "The FBI does not advise victims on whether or not to pay the ransom," according to the letter.
Additionally, Donald Good, deputy assistant director of the bureau's Cyber Division, wrote that the FBI strongly recommends the use of backup files to minimize the impact of such an attack. Regularly backing up files means an organization can then clean its networks of everything, including the malware responsible for ransomed data, and restore everything to working order in nearly the same condition as before the attack.