Comment by ndiddy

> "NEVER EVER PAY RANSOM MONEY. Please. Even if your business will suffer it will suffer a lot more if you do pay since now it is known you'll cave. Also: you are making the problem larger for others."

These days, companies try to mitigate the reputational harm associated with paying the ransom by instead paying security firms that "specialize in ransomware recovery" and claim to have "proprietary trade secret means of decrypting their clients' files". These firms always just happen to charge more than the cost of the ransom for their services. They then provide a non-itemized receipt, and both parties walk away happy and without having to admit to anything. Here's a good article on this practice if you're interested. https://features.propublica.org/ransomware/ransomware-attack...