Re: I agree with every word
"Good for you - easy to pass judgement when your livelihood is not affected. Would you not do everything in your power to save your business?"
Everything in my power? Even on the brink of disaster? That's a hard no. Consider this situation:
You and I run a business together. It's small, sometimes profitable. We get a large contract which requires us to invest a lot of our money, but it's going to pay us good profits. After considering it, we accept. Then it turns out to be a scam. They've stolen our money. We'll have to declare bankruptcy tomorrow because we haven't the money to pay for the lawsuit to get our resources back. Our employees will lose their jobs. This is terrible and it's not even our fault. We could try to liquidate our resources, but our building's not worth much. Then it strikes us. While our building isn't easy to sell, we've insured it for quite a lot because it's important to us. If we committed insurance fraud, we'd have enough money to save our livelihoods and those of our employees. All we have to do is burn the building down tonight, taking care not to let anything happen to other buildings, and file a claim. Would you commit the fraud?
I'm guessing your answer is no. Why not? The only entity to get hurt is an insurance company. They have plenty of money. They can take it. Still no? If you don't, your employees are going to have to spend tomorrow on the phone to the unemployment office and your bank account is empty. Still not doing it?
Of course you're not doing it, because insurance fraud and arson are wrong. You are doing harm to someone. Paying the ransom, in addition to being a bad idea, is also harming others by making more of a market for others to develop and deploy ransomware. I won't do "everything in my power to save my business" because some of the things in my power are wrong. Sometimes, I have to do what's right even though it would work better for me to do a wrong thing. Some countries make paying the ransom illegal for exactly this reason, but even if yours hasn't, you have to take into account the harm you're going to do. Of course arson is more dangerous than paying a ransom, but if we compared it to insurance fraud without arson, they're quite similar. In fact, I think paying a ransom is worse than otherwise-victimless insurance fraud--I have more sympathy for multiple, mostly small victims of ransomware than a large, cash-rich company. Yet I still won't commit insurance fraud. And I won't pay a ransom either.