Hugo wants to know why companies pay ransomware when they should normally have a backup to their data and network. Leo says that's a good question. Oftentimes, though, the ransomware isn't triggered right away. It lies in wait. Meanwhile, hackers browse around, looking for valuable data to steal and other weaknesses. The hackers will also look for where the backups are stored and seek to disable the backups or lock them up as well. Then, once the recon is done, the malware is triggered, bringing the network down. But going through thousands of computers to root out where the malware is will take months. To get back up, many companies take the path of least resistance and just pay up.
At the end of the day, many pros say it comes down to a lack of awareness on the part of the boards. The IT guys know what needs to be done, but it's just as hard to get the budget for it.