Paying the criminals is idiotic and high risk
I am still reeling and agitated that the Amateur Radio Relay League (ARRL) paid (or their insurers did) $1,000,000 to deal with their ransomware attack. It is utterly crazy and immoral to pay up, and of course the great risk is that they would not get the right keys.
This is a hobby, ham radio. None of the data was that important. If asked, the amateur radio community could have recreated much of the data. ARRL claims that their most international project, Log Book of the World (LotW), was not affected, but it was offline for weeks, so I am not so sure about that.
https://www.arrl.org/news/arrl-it-security-incident-report-to-members
How on earth does it still happen? I was caught out once by a feature on my Hyperoptic router that, despite clear pinhole rules, opened up ALL my IPv6 ports to all my devices, so of course my idiotically set up guest account on my Raspberry Pi NAS was found and they encrypted all 6TB. I learnt my lesson, secured my Pi better and disabled the router’s undocumented "feature". I wasted a few hours restoring everything from one of my other backups. The next day my Pi was back up and secured. So if I, as a non-IT-trained individual, can recover from such an attack, there is no excuse for an organisation not to have backups, even an old one to use. Don’t pay up.