Can you explain this a bit more? I'm not sure how it contributes to the motivation for the attackers, as the motivation is already pretty high due to the ease of execution.
From my point of view, whether or not there is a legitimate process built around the ransomware attacks, the attackers will simply continue business as usual; there's no fear or penalty for them, the workflow of their process is not disrupted in the slightest (the bitcoin payments can still go through), and I don't really get the impression that the legal background of the victim's country is taken into consideration by the attackers.
(All of the above is why I'm pretty sure that the idea of "make paying the ransom illegal" will have no impact on the number of attacks, as such a policy does nothing to actually impede the workflow of ransomware; all it does is create another decision point for an already damaged group of persons as to whether they commit an illegal act or not to try to save their business)
I was thinking this plus the insurance will make it such that most companies will just pay the ransoms instead of working to secure their systems and train employees. No defense is perfect but also these criminals shouldn’t get paid.
From my point of view, whether or not there is a legitimate process built around the ransomware attacks, the attackers will simply continue business as usual; there's no fear or penalty for them, the workflow of their process is not disrupted in the slightest (the bitcoin payments can still go through), and I don't really get the impression that the legal background of the victim's country is taken into consideration by the attackers.
(All of the above is why I'm pretty sure that the idea of "make paying the ransom illegal" will have no impact on the number of attacks, as such a policy does nothing to actually impede the workflow of ransomware; all it does is create another decision point for an already damaged group of persons as to whether they commit an illegal act or not to try to save their business)