--- title: "What to do If You’re Hit by Ransomware | Phish Protection" description: "There" image: "https://phishprotection.com/og/blog/what-to-do-if-youre-hit-by-ransomware.png" canonical: "https://phishprotection.com/blog/what-to-do-if-youre-hit-by-ransomware/" --- Quick Answer There's much \[debate\](https://www.securityweek.com/ransomware-rages-debate-heats-response) going on today about what to do if your organization gets hit by ransomware. There's really only two choices: pay it or don't. And which side you come down on says a lot about your big picture perspective. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fwhat-to-do-if-youre-hit-by-ransomware%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=What%20to%20do%20If%20You%26%238217%3Bre%20Hit%20by%20Ransomware&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fwhat-to-do-if-youre-hit-by-ransomware%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fwhat-to-do-if-youre-hit-by-ransomware%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fwhat-to-do-if-youre-hit-by-ransomware%2F&title=What%20to%20do%20If%20You%26%238217%3Bre%20Hit%20by%20Ransomware "Share on Reddit") [ ](mailto:?subject=What%20to%20do%20If%20You%26%238217%3Bre%20Hit%20by%20Ransomware&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fwhat-to-do-if-youre-hit-by-ransomware%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2019/07/phishing-prevention-best-practice-4796.jpg) There’s much [debate](https://www.securityweek.com/ransomware-rages-debate-heats-response) going on today about what to do if your organization gets hit by ransomware. There’s really only two choices: pay it or don’t. And which side you come down on says a lot about your big picture perspective. Recently, U.S. Mayors, at their [yearly conference](https://www.securityweek.com/us-mayors-pledge-not-give-ransomware-demands), which represents over 1,400 mayors from U.S. cities with over 30,000 people, adopted a resolution not to give in to ransomware demands. Of course the mayors “admitted that _ransomware attacks can result in the loss of millions of dollars and months of work to repair damage_, but highlighted that paying the attackers only ‘encourages continued attacks on other government systems, as perpetrators financially benefit.’” The mayors’ perspective is, we’re in this for the long haul and we want to discourage ransomware attackers. That can be an expensive proposition. In the case of the Baltimore, MD ransomware attack, “Officials refused to meet hacker demands for a ransom of $76,000 to unlock the systems, but have been saddled with an estimated $18 million in costs of restoring and rebuilding the city’s computer networks.” Taking the other tact, LaPorte County, IN [chose to pay $130,000](https://www.securityweek.com/indiana-county-pays-130000-response-ransomware-attack-reports) in ransom to their attackers. Perhaps they choose to do that because “LaPorte county’s insurance will reportedly cover $100,000 of the $130,000.” That takes a little bit of the sting off. The problem’s getting worse. “_Globally, losses from ransomware rose by 60 percent last year to $8 billion_, according to data compiled by the Internet Society’s Online Trust Alliance.” So, the decision on what to do about ransomware is a big one. What does the FBI say? [They say don’t pay it](https://www.securityweek.com/statistics-say-dont-pay-ransom-cleanup-and-recovery-remains-costly). Of course, getting your systems back up and running isn’t their problem. Ask ten people what to do about ransomware and you’ll get eleven opinions. What if you were given a third choice? Pay the ransom, try to solve the problem yourself or don’t get hit by ransomware in the first place? Everyone would choose the third, so why don’t they? ![Phishing prevention best practice](https://media.mailhop.org/phishprotection/images/2019/07/phishing-prevention-best-practice-4796.jpg) Somewhere around [97% of ransomware](https://www.esecurityplanet.com/network-security/over-97-percent-of-all-phishing-emails-deliver-ransomware.html) is the result of a successful phishing attack. [**Prevent phishing**](/content/phishing-prevention/) and your **prevent ransomware**. What percentage of these ransomware victims do you think were protected by [phishing protection](/) technology? Not very many. Not implementing **anti-phishing technology** cannot be due to its cost. In the case of LaPorte County, IN, the ransom they paid could have covered the cost of phishing protection for every employee for almost 40 years. So, why don’t cities and organizations jump on **phishing protection technology**? It’s not clear. But what is clear is that they should. ![Phishing attack prevention](https://media.mailhop.org/phishprotection/images/2019/07/phishing-attack-prevention-2876.jpg) [Phishing prevention](/products/advanced-threat-defense/) technology is cloud-based, which means there’s no hardware or software to buy, install and configure. It works with any email service, on-premises or hosted. It’s incredibly affordable - just pennies a day per employee. And you can be up and running in 10 minutes. Ten minutes. Pennies a day. No ransomware. You have no excuses. ## Topics [ Phishing ](/tags/phishing/)[ Phishing Awareness ](/tags/phishing-awareness/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Foundational 5m 0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[ Foundational 23m Anatomy of a Trust-Based Attack: Deconstructing the Nifty.com Phishing Campaign and the New Frontier of Corporate Defense Jun 10, 2025 ](/blog/anatomy-of-a-trust-based-attack-deconstructing-the-nifty-com-phishing-campaign-and-the-new-frontier-of-corporate-defense/)[ Foundational 5m Business Essentials: The Top Email Marketing Security Strategies for 2023 Dec 13, 2022 ](/blog/business-essentials-top-email-marketing-security-strategies-2023/)[ Foundational 5m Interserve Fined $5 Million by ICO and Why Anti-Phishing Measures are the Need of the Hour Oct 28, 2022 ](/blog/interserve-fined-5-million-ico-anti-phishing-measures-hour/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"What to do If You’re Hit by Ransomware","description":"There's much debate going on today about what to do if your organization gets hit by ransomware. There's really only two choices: pay it or don't.","url":"https://phishprotection.com/blog/what-to-do-if-youre-hit-by-ransomware/","datePublished":"2019-07-23T15:11:27.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2019-07-23T15:11:27.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/what-to-do-if-youre-hit-by-ransomware/"},"articleSection":"foundational","keywords":"Phishing, Phishing Awareness","wordCount":494,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2019/07/phishing-prevention-best-practice-4796.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"What to do If You’re Hit by Ransomware","item":"https://phishprotection.com/blog/what-to-do-if-youre-hit-by-ransomware/"}]} ```