zlacker

>>Strang+(OP)
The donation is more or less virtue signaling rather than actual insight.

The problem can not be helped by research research against cybercrime. Proper practices for protections are well established and known, they just need to be implemented.

The amount donated should've rather be invested into better protections / hiring a person responsible in the company.

(Context: The hack happened on a not properly decomissioned legacy system.)

>>lexlam+65
I don't know what virtue signaling means. I think you mean they just did it out of spite.

>>AlienR+Kc
Refusing to pay a ransom and instead giving the money to the "ennemies" of the attackers isn't "virtue signaling" (as someone already commented: it's a "fuck you" to the attackers).

In french we call that a "pied de nez". "Turning the table" / "Poetic justice" / "Adding insult to injury" would all be more correct than "virtue signalling".

If there was no attacker and the company gave half a mil out of nowhere to a security company (or a charity) and boasted publicly about it, that would be virtue signalling.

But refusing to pay the ransom and giving the exact same amount to security researchers is just a big, giant, middle finger.

And a middle finger ain't no virtue signalling.

>>Tactic+pB2
If they wanted to meaningfully give a middle finger to the attackers they’d be spending the money lobbying for a ransomware payments ban, not throwing away money by giving it to universities that have a plenty of money and will probably do absolutely nothing to reduce ransomware attacks in the foreseeable future.