Paying Hacker Extortion

An anonymous reader writes "A friend works as CIO at a medium sized publicly traded company. The company was contacted by a hacking group and told to pay $100,000 to prevent their company from being hacked/attacked. They actually paid the extortion (told authorities after). The authorities said the company could be charged with supporting Terrorists. Seeing that most publicly known hacks are costing companies this size nearly a million dollars, Is this supporting terrorists or supporting stockholders?"

Re:everyone loses

[cgenman]

Or, more likely, they paid the 100,000 with the hopes that the hacker would be caught, then paid IBM 1 million dollars to secure their network.

IBM then pays an external contractor 200,000 to do it. They pay the hacker $100,000 to do it. Hacker walks away with 200k and a springboard to legitimate work.

Re:And now

[flaming+error]

> Trillions for defense, not a penny in tribute is the only
> long term strategy for dealing with aggression.
Sounds great, but there are always details.

In the case of the US, we wanted to get rid of a Bear, so we spent billions raising bees. The Bear grudgingly backed off, so we started trying to drive the bees away, and they attacked us. So now we spend trillions on cruise missiles to get the bees, we strip-search each other for signs of honey, and we look over our shoulder for aggressive Pandas.

Maybe there's another way.