Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Ransomware is a profit-driven enterprise. If it is made unprofitable, most attacks will quickly stop.

This is conjecture presented as fact.

Here is an alternative conjecture: what if ransomware is mainly a sociopathically-driven enterprise, with a side interest in profit? Or what if a good chunk of it is?

How many ransomware perpetrators have we captured, and subjected to psychological study, to be able to confidently say what ransomware is or is not?



It seems reasonable to suggest that the number of profit-driven ransomware endeavors and the number of for-fun ransomware endeavors can both be non-zero and contain some overlap and some non-overlap. Therefore it seems that to make it unprofitable would at least eliminate the former reason which under all by the worst case scenario where those numbers are perfectly equal and overlapping would result in fewer ransomware endeavors.

To say we shouldn't do X because it doesn't perfectly eliminate/solve Y is akin to saying we should do nothing because by that standard, we'll never do anything about Y.


Not only might X (= banning payments) not eliminate ransomware, it could make the problem worse!

Those ransomware perpetrators who are motivated by profit could multiply their activities, if the yield is reduced: have more heists going on.


I don't see how banning payments would inherently create more opportunity for ransomware attacks. Assuming that the operators are already attacking as much as they can (why wouldn't they be - its more profit that way since its business after all) the only way to maintain profitability with lower per-attack yields would be to ask for more ransom per-attack which would likely drive the yields down even further.

Reminds me of https://youtu.be/9pOiOhxujsE?si=GG6X16c8efr0I3Ey&t=213


There is likely an element of sociopathy involved as it requires a particular lack of empathy towards secondary victims. But the same can be said for most career criminals, and most crimes do indeed stop when you remove the profit motivation.

Your own conjecture that ransomware authors are somehow a special breed is the one that needs backing.


> special breed

Vandals are real.


Sure, that’s how viruses used to work. They would just delete / corrupt your data. It was a small-time operation, some pissed off mid with an axe to grind. Now it’s either a nation-state with a political agenda or organised criminals doing it for the money.


Interesting that you associate the sociopathy as the reason someone might do this for fun. I see it as the reason they would do it for money.


> what if ransomware is mainly a sociopathically-driven enterprise

It would be easier and safer to just destroy the data or cause other damage and walk away.


Such kind of interest in profit (as in the majority of enterprises, executives etc) _is_ sociopathically driven in general.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: