Ransomware Payment Debate

Good. paying ransoms only incentivizes the behavior.

That's naive. If you pay a ransom they'll be back shortly for more. You've just turned yourself into an ATM for your attackers.

Banning ransoms directly is a good idea. Even if that results in massive losses or even bankruptcies by victims, that is an acceptable consequence to prevent money from flowing to criminal organizations and hostile foreign governments. Sometimes you have to amputate a damaged limb to save the body. Paying a ransom in any circumstance should be a criminal offense.

Given that paying the ransom only outs yourself as a potential repeated target who pays, it was a wise decisionSource: https://searchsecurity.techtarget.com/news/252502519/Repeat-...

why am i reminded of ransomware? maybe because extortion means punishment, if you dont pay, but ransomware, means return to square one if you pay. i hope this kind of behavior gets the interaction required, to end it.

paying the ransom is just as bad, since it confirms that there's something worth covering up.

Is it illegal to pay the ransom?

It should be illegal to pay a ransom to cyber criminals, every time it happens you’re increasing the incentives for these activities and you’re making it more likely to happen again in the future. If it’s illegal, these groups would feel less attracted to attack companies, because they know they wouldn’t be compensated for it.

I'm ignorant but I've never understood why people actually pay the ransom. Aren't the attackers anonymous? What stops them from asking for another $Y after they get their $X, and not actually removing the ransomware? There's not much incentive for the attackers to actually do what they say after you pay them, right?

Why not just criminalize paying ransoms? Remove incentives and don't fund criminals.