The main reason why ransomware is so widespread and is not going away in the foreseeable future: The only way to stop the downtime hit and resultant revenue loss is not just data backups but redundant systems. Think along the lines of a backup power generator that kicks in within seconds of a power loss. CEO's need to put as much emphasis on their computer systems as they put on the rest of their infrastructure in their disaster recovery plans. And for SMB's if you don't have a disaster recovery plan, you are indeed a "disaster waiting to happen."
Well if those backup systems are that illegitimate for them, then they better begin to seek out a dedicated ransomware security solution that has a proven track record. On the other hand, isn't this clever of the bad guys. Since they must have knowledge in the comparisons of cost between the two, they only need plan the demand to a favorable mediocre number, collect the payoff-returning those systems back to normal until they pop it in on them again at another selective period of time later knowing they'll pay up.
If it costs lots of money and takes lots of time to restore from the backup, that means they are reinstalling the OS and software, and then copying over the data. Why not just make system images, like we do? Then you just push a button. I'll push the button for them, for less than the extortion fee
Residual income just like modern day insurance agents. And exactly like old-time gangsters who were insurance agents.
Because on a corporate network hundreds and possibly thousands of PCs exist. Also, believe it or not, as a rule individual PC's files are not globally backed up; only server resident databases are. Usually, the policy is user's are responsible for backing up their device files to the server.