How much proper security does $75M buy ?
Hopefully $Corporation will have learned this lesson.
An unnamed Fortune 50 corporation paid a stonking $75 million to a ransomware gang to stop it leaking terabytes of stolen data. The underworld outfit, which calls itself Dark Angels, doesn't go for the shotgun approach a lot of other malware-slinging teams use, in which multiple victims are infected at a time indiscriminately …
Exactly, nothing stopping the scumbags coming back asking for a second and third payout for the same data, because you can bet they didn't delete their copy after they got paid. The scam that keeps on giving. Also, nothing stopping the scammers from publishing the data whenever they want or selling it to other scammers.
Indeed. That was a painful lesson learned with the rash of plane hijackings in the 70s and 80s - the old "Take this plane to Cuba!" trope.
At first, the hijackers' demands were met; ransoms were paid, prisoners were freed, and so on.
And then slowly it dawned on the authorities that in the long run this was counterproductive - "once you have paid the Danegeld", et cetera.
Public policy became "we don't negotiate with terrorists"; demands for ransom were ignored.
And very quickly, plane hijackings ceased (until 9/11, of course; and there's evidence from the time that the reason the passengers on those doomed aircraft didn't rise up and overpower the terrorists was that they all assumed it was a run-of-the-mill land the plane, demand concessions, free the hostages type deal, and they'd therefore all be OK if they kept calm and didn't cause trouble. But I digress.)