Oh for sure, didnt mean to imply it was the only reason.
Spearphishing high-value targets, or even just phishing a company’s email roster are very very common practices because they yield significant results.
Theres also the “insurance approach” to cybersecurity, where its cheaper to run PR for a little while and/or take out insurance policies against cyber attacks such as ransomware. The latter is a key factor as to why many companies dont mind paying the ransom at all.
Oh for sure, didnt mean to imply it was the only reason.
Spearphishing high-value targets, or even just phishing a company’s email roster are very very common practices because they yield significant results.
Theres also the “insurance approach” to cybersecurity, where its cheaper to run PR for a little while and/or take out insurance policies against cyber attacks such as ransomware. The latter is a key factor as to why many companies dont mind paying the ransom at all.