The same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers from the mega-resort chains. But despite the similar characters and plots, these two stories have disparate endings — and seem to suggest two very different takeaways to corporations confronted with extortionists' demands and the question of paying or not paying a ransom. https://www.theregister.com/2023/12/28/casino_ransomware_attacks/ Which brings us to the often asked question: To pay or not to pay? I always get howled down for answering that paying is the obvious answer. It's a purely financial business decision. The only downside - and it could be a biggy - is that you have to trust the attackers to do as they promise. Unless they are a really rogue outfit they will abide by their demands because next time their threats will not have the same effect.
