Reply to post: Re: Doesn't matter

Biz tells ransomware victims it can decrypt their files... by secretly paying off the crooks and banking a fat margin

Michael Wojcik Silver badge

Re: Doesn't matter

No, because it is obvious. If no one pays then holding files for ransom makes no money.

If no one ever pays ransom this is true, but it's very difficult to ensure that 1) no one ever pays ransom, and 2) ransomware users believe this.

People are in general not good at behaving as rational economic actors. That's why lotteries and casinos continue to be wildly profitable.

Moreover, it's not clear that disbelieving the proposition "ransom will never be paid" and infecting systems with ransomware anyway is an irrational economic move, because the cost of using ransomware is extremely low. It exists, so it can be used without development cost. Infection is nearly or entirely automatic, and consumes vanishingly small resources for the attacker, so use cost is minimal. Very few ransomware users are ever brought to justice, so the risk is low. It's a trivial investment so the rate of return can be very, very low and the process still be profitable if used widely enough.

In fact, banning paying ransom is an inducement to use ransomware more, because the rate of return drops.

And, of course, some proportion of infections are almost certainly done by botnets which are no longer under anyone's direct control. There may or may not be some human eventually checking the associated Bitcoin wallets.
