________________________________________________________________________________
Paying to decrypt ransomed data seems bonkers too. You’re going to trust they didn’t change something during the encrypt/decrypt process (even if by accident like a bug)? Do people that pay the ransom do something to mitigate this risk?
Every case is different, but the malware authors are often willing to share the decryption tools with Coveware for vetting, even before payment is negotiated for the keys. The hackers have no part in the decryption process.
They could very well have changed something on purpose before encrypting, but they do have a reputation to uphold if they want to keep getting “customers”. At least in the high profile cases, the ransomers do seem to be honest and dependable if they are paid.
Love your work dude, but mobile friendly website please.
Ransomware attackers must be handled by law enforcement (domestic attackers) and military (foreign attackers).
If needed, pay for it by taxing and fining the heck out of orgs who get hacked / sell insurance backed by best-practice audits.
Most cars that are stolen had been left unlocked (i.e. the owner did not follow best practices). Should victims of car theft pay for all policing related to auto theft?
Regardless of your answer to that question, you should remember that law enforcement are not there to serve and protect the people, LE are there to serve and protect the system (society and government). Many law enforcement agencies have been sued for failing to protect the citizenry, and their defense is usually that they have no duty to do so.
If you leave your car unlocked and the guy who stole it uses it to run someone over and leaves the scene, you should certainly be fined.
Why fine the groups who get hacked?
The longer you delay the leak the less backlash you and everyone else will get.
Data also atrophies over time.
And most importantly you might even be CTO of a new company and it's no longer your problem.