Genuinely think it should be illegal for companies to pay ransomewere demands, they might put a bit more effort into security that way, and maybe have a recovery plan in the event of disasters.

https://www.theguardian.com/business/2023/feb/15/under-no-circumstances-will-we-pay-that-absurd-amount-royal-mail-tells-hackers