zlacker

[parent] [thread] 2 comments
1. wallet+(OP)[view] [source] 2025-11-13 11:38:21
Completely useless take in the real world where these payments are common, it makes no difference whatsoever if an individual or even vast majority of victims stop paying. Ransomware will remain incredibly lucrative until payments are outlawed.

The cost of an attack like this is in the thousands of dollars at most, the ransom payments tend to be in the millions. The economics of not paying just don’t add up in the current situation.

replies(1): >>weird-+C2
2. weird-+C2[view] [source] 2025-11-13 11:58:54
>>wallet+(OP)
How do you know it isn't illegal when you pay the ransom?

You could very well be making a payment to a sanctioned individual or country, or a terrorist organization etc.

replies(1): >>wallet+e8
◧◩
3. wallet+e8[view] [source] [discussion] 2025-11-13 12:43:21
>>weird-+C2
There are best practices for this, you normally hire a third party to handle the negotiations, payment process and the necessary due diligence.

For example the UK government publishes guidelines on how to do this and which mitigating circumstances they consider if you do end up making a payment to a sanctioned entity anyway https://www.gov.uk/government/publications/financial-sanctio...

They directly state as follows:

> An investigation by the NCA is very unlikely to be commenced into a ransomware victim, or those involved in the facilitation of the victim’s payment, who have proactively engaged with the relevant bodies as set out in the mitigating factors above

i.e you’re not even going to be investigated unless you try to cover things up.

This is a solved problem, big companies with big legal departments make large ransomware payments every day. Big incident response companies have teams of negotiators to work through the process of paying, and to get the best possible price.

[go to top]