Re: Can somebody explain these ransomwear attacks?

I think a big problem may be that the ransom is actually very cost effective and probably the lowest line item cost in many of these situations where large revenue streams are interrupted and time=money (and maybe also health or life).

Big problem that with organizations' existing Disaster Recovery DR methods --
the time and cost to recovery from any event including downtime will
be some amount.. likely a high one,
and criminals' ransom demands will presumably be set as high a price
as they think they can get --
but still orders of magnitudes less than cost to recover / repair /
restore, and the downtime may be less.

The ransom price becomes the perceived cost of paying from the
perspective of the
organizations faced with the decision, But the actual cost to the
whole world of them paying
a ransom is much higher and will be borne by others (And/or themselves
if they are unlucky)
in the future, when their having paid the criminals encourages and
causes more and more of that nefarious activity.

I would call that a regulatory issue regarding commerce and payments
not able to be addressed by technology.

No matter how much companies can improve your DR process to cost less
for a recovery
and take less time -- a recovery is bound to still involve some
downtime and cost a large enough amount where it
will then be possible for motivated criminals to come up with a
dollars cost improvement for a ransom that will be less than it.

I do wonder for a moment.. about companies paying ransoms: Do they
somehow manage to get
the crooks' W-9 and verify their identity, as required when an
organization makes a payment to
any 3rd party -- or do those paying ransoms somehow circumvent the
mandatory tax reporting and
witholdings, B/c it seems like making a payment to an Unnamed /
unidentified / unverifiable party
ought to be a crime or make the payor be considered an accomplice in
the crooks' evasion of the taxing authority?

I always think.. have the governments impose penalties, eg.
"If you make a payment for a ransom, then a penalty of $10k plus
10000% the ransom will be due."
/ Have it be a more-severely penalized crime to send any digital
payment for a transaction above X say $1000 without the Proof of
and Physical location of all Payees -- make sure it gets enforced
strictly against anyone paying a ransom.
Make the ransoms not payable without larger repurcussions, and perhaps
the crooks will have to find a new profession.

Well, the cost of the DR fire drill is proportionate to how automated, etc, it is. If you think that the odds of a DR event are really low you want to make it possible but not necessarily cheap. If it happens all of the time, you want to optimize for speed and efficiency.

The object here is to break their business model, at least for you. Even if you go through one DR they aren't likely to go back again rather than finding another sucker.