Re: Crikey
The really interesting thing is that the recent attacks have gone after LARGE companies. Those companies almost certainly have good backups and maybe even reasonable disaster planning. However, it seems that if you choose a large enough company, they will be willing to pay a substantial sum just to minimise their downtime.
Restoring all backups, including all the employee desktops, will take a lot of time, and a lot of effort and cause massive business disruption. A few million to reduce that to (say) 24 hours to decrypt and restore operation probably looks like a good deal.
Of course, as well as the obvious problems of rewarding criminals, how do you know you really have a safe environment afterwards? All data correctly restored? No hidden infections waiting to hit you up for an ongoing "insurance fee" (protection money)?