Here are some facts that it’s important to not pay them. 80% of ransomware victims suffer repeat attacks, according to new report https://www.cbsnews.com/news/ransomware-victims-suffer-repeat-attacks-new-re... published June 17th 2021 Don’t pay them. Just clean your mess. 😊 Jean From: NANOG <nanog-bounces+jean=ddostest.me@nanog.org> On Behalf Of Michael Thomas Sent: June 24, 2021 5:59 PM To: JoeSox <joesox@gmail.com> Cc: nanog@nanog.org Subject: Re: Can somebody explain these ransomwear attacks? On 6/24/21 2:55 PM, JoeSox wrote: It gets tricky when 'your' company will lose money $$$ while you wait a month to restore from your cloud backups. So Executives roll the dice to see if service can be restored quickly as possible keeping shareholders and customers happy as possible. But if you pay without finding how they got in, they could turn around and do it again, or sell it on the dark web, right? Mike On Thu, Jun 24, 2021 at 2:44 PM Michael Thomas <mike@mtcc.com <mailto:mike@mtcc.com> > wrote: Not exactly network but maybe, but certainly operational. Shouldn't this just be handled like disaster recovery? I haven't looked into this much, but it sounds like the only way to stop it is to stop paying the crooks. There is also the obvious problem that if they got in, something (or someone) is compromised that needs to be cleaned which sounds sort of like DR again to me. Mike