by headmelted 1864 days ago
Which if you pay the ransom, means also relying on the word of the people that are actively extorting you.

Scary, scary place to be. Especially for a health service.

1 comments

> Which if you pay the ransom, means also relying on the word of the people that are actively extorting you.

As weird as it sounds, reputation matters for these guys. If you have a track record of taking the money and publishing data anyway, no one is ever gonna bother paying you in the first place. Why would they? Your data is gonna get published no matter what, may as well save the ransom money.

You can flip it around (if you're a pessimist):

  1. If you *don't* pay, then you know bad things will happen.

  2. So you might as well pay, regardless of their reputation, because your chances are strictly better even if they are nearly nothing.

  3. Knowing that, there is no incentive for them to maintain a reputation by honoring the ransoms.

This seems like a stable equilibrium.