Sensitive data of students and teachers of ROC Mondriaan in The Hague was recently leaked.

That happened after the educational institution, in consultation with the Ministry of Education, Culture and Science, refused to pay an undisclosed ransom to hackers.

Sometimes companies do pay.

An expert explains to NU.nl how these choices can be made.

If companies are hacked, the government advises not to pay for a ransomware attack.

Communication with hackers is also discouraged, a spokesperson for the Ministry of Justice and Security explains.

In a ransomware attack, hackers encrypt data with which they then blackmail a company for money.

If payment is made, the data is usually made accessible to the company again.

The government believes that if the hackers do not receive any money, the revenue model will disappear.

Paying isn't always a bad idea

Pim Takkenberg works at cybersecurity service provider Northwave and he generally thinks government policy is a smart choice.

In this way, a clear signal is sent to the criminals.

If you look purely at the situation of a company, paying can sometimes be smart.

A ransomware attack can completely destroy a company, he says.

"Computer systems can sometimes be blocked for long periods of time," Takkenberg says.

"Stolen data can also be so sensitive that leaking it can have enormous consequences. Years after a hack, they can still be used for identity fraud and extortion, among other things. In such a case, paying is simply the best option for a company, because you thereby limiting these risks."

According to him, government advice is not the only solution to the problem.

The policy is not applied by everyone after an attack, because the advice is non-binding.

Overturning the revenue model of hackers is therefore more symbolic than effective, he emphasizes.

According to a spokesperson for the Ministry of Justice and Security, the policy is symbolic.

"It's a tough policy, with a clear message to criminals."

'An international fist must be made'

If we want to tackle a ransomware group, we need to overthrow the criminal structure behind it, Takkenberg says.

"The Netherlands cannot do it alone. An international fist must be made."

That fist is currently still difficult to achieve, he explains. "If there are still countries that do not or hardly act against hacking groups, it will be difficult to block the formation of hackers."

Keywords: