[st_goliath]

I kind of find it funny how there are several threads were people discuss this as a tax loop hole, but assume that you'd actually have to stage a ransomware attack in order to use the loop hole.

That would entail actual work, reduce company productivity and induce steps that could go wrong along the way. I'd call that Rube-Goldberg style tax evasion.

[deepserket]

I am not able to understand what you are saying.

You could just stage a ransomware before a prolonged downtime (eg. phishing happy new year emails from an account with a leaked credentials in the source code that's accessible via website.com/.git) and hope that one of your employees will click on the attachment.

That would be quite easy IMHO

[st_goliath]

You are thinking way too complicated.

Ok, let me just put the moral compass aside for a moment and put on my John Grisham fanfic hat so I can answer to this:

You simply buy $CRYPTO_CURRENCY, siphon the money off into a shell company in your favorite tax heaven, write it up as ransom payment, done. You might not even need the first step by having the shell company pretend to be a crypto currency exchange.

If you are a big enough company to bother with shell company tax evasion shenanigans, you probably have enough departments that some of them barely know each other or communicate. Spreading a rumor of a single department being hit by ransomware should be enough in case someone from the IRS actually bothers to come by and ask around.

If you really must, maybe pay someone in IT some hush money and ask them to turn a few servers off for a day or so to put up a convincing show. I'd advise against that though, since in my experience, technical people are notoriously bad at lying about technical things.

But actually phishing your own employees and staging a real ransomware attack is an unnecessary risk with too many variables where things might actually go wrong. Besides, the people pulling the strings here may have a law and/or accounting background, but probably not IT.