Until there is legislation to stop these payments, there will be countless situations where paying is simply the best option.
Paying the ransom is not exactly legal, is it? Surely the attackers don't provide you with a legitimate invoice for your accounting. As a company you cannot just buy a large amount of crypto and randomly send it to someone.
> As a company you cannot just buy a large amount of crypto and randomly send it to someone.
You can totally do that, why wouldn’t you be able to?
They hire a third party, sometimes their cyber insurance provider, to "clean up" the ransomware. That third party then pays another third party, often located in a region of the world with lax laws, to perform the negotiations.
At the end of the day nobody breaks any laws and the criminals get paid.
Sure, in the US, you want to have those things to prove your expenses to the IRS, but it’s all pretty freeform. You could just document the ransomware payment process with screenshots, for example.
Besides, if you ask, I’m sure the ransomware group will send you a very professional-looking invoice and receipt.
Normally, you’d be going through an IR company anyway, who would invoice you and handle the payment process on your behalf.