[fragmede]

The princely sum of $5,000. We got that at my employer back in 2016. We got hit by a ddos, and decided to ignore it, though we did dig up some BTC just in case. We enacted a bunch of DDoS protection as a result, costing way more than $5,000, but not paying money to extortionists is worth every penny.

[jnsaff2]

About 20 years ago I was kinda accidentally the guy who dealt with the DDoS attacks in the sysadmin team. There was a sequence of extortion emails during about 2 week period:

1. $50k or we attack - didn’t register anything

2. $25k or else - a minor overload on the server but nothing serious.

3. $10k or else - a serious attack which affected the service in a major way.

4. $5k or we really pissed - this time they took down a whole Tier2 ISP and Datacenter in London for a day. Other carriers peering on London Internet Exchange had to blackhole traffic to our service provider and finally kept blackholing one of our IPs for a while. I had to scramble to find a DDoS mitigation service, new DC and servers.

We did not respond to any of the emails. The attackers were also quite dumb, they attacked the web servers which were located in a well connected place.

The money making service of the business was in the Caribbean with a 1,5Mbps T1 and a 0,5Mbps satellite backup. They could have saturated those much easier for much longer and the impact then would have been about $1M revenue loss per hour.

[vsnf]

The problem with paying extortion or ransoms is that you incentivize the attacker to come back and do it again. It may have been $5k to pay off one attacker and more than that to build the defense, but now you have defenses and are less likely to suffer attackers in the future. And as you say, not paying money to criminals is inherently worthwhile.

[dextro42]

This might something for you (and the repliers):

From the german chaos computer clubs yearly meeting. Linus talks about what to do and who ransoms work, how "well" the service is and briefly pros and cons of paying.

https://media.ccc.de/v/37c3-12134-hirne_hacken_hackback_edit...

Also a good one was the first part: https://media.ccc.de/v/36c3-11175-hirne_hacken

[fragmede]

and this wasn't a poor company, so $5,000 was nothing in the scheme of things

[thaumasiotes]

It is often a temptation to a rich and lazy nation

To puff and look important and to say

Though we know we should defeat you

We have not the time to beat you

We will therefore give you cash to go away

And that is called paying the Dane-Geld

And we've proved it again and again

That if once you have paid him the Dane-Geld

You never get rid of the Dane

[aleksiy123]

On the other hand the attacker may actually have incentive to follow through and hold up their end so as to build a reputation. Making their next victims more likely to just pay.

Somewhere I read that some ransomware had excellent "customer" service for helping you transfer over the payment and promptly restore your files.

[sedatk]

“Ransomware Reality Shock: 92% Who Pay Don’t Get Their Data Back” https://www.forbes.com/sites/daveywinder/2021/05/02/ransomwa...

[wruza]

This stat includes everyone, some of them may not research what hit them. One of my clients decrypted his database twice, after seeing on the internet that they actually send a decryption key.

[sedatk]

Oh, got it. So, the next ransomware author should just brand their ransomware as one of the "honest" ones :)

[mort96]

I mean it's not like these people are operating under " long lived identities and want to build a long term business relationship with you.

From their side, the logic seems as simple as: repeat the attack -> some chance of more money, don't repeat the attack -> 0% chance of more money

[soraminazuki]

Scammers acting like an adult is hard to believe. They’re usually quick to start yelling and cursing in Kitboga videos.

[dhosek]

The serious organized crime outfits are very organized. They’ll provide customer support to walk you through purchasing and transferring the bitcoin.