Companies that pay ransom demands to cyber criminals in the hope of restoring their IT systems may be at risk of greater negative publicity than those that refuse.
An initial analysis of data seized by the National Crime Agency (NCA) in the takedown of the LockBit ransomware group suggests that the best way to avoid bad publicity may be to refuse to pay up.
Max Smeets, author of the book Ransom War, was given supervised access to data on LockBit 3.0 seized by the NCA during Operation Chronos, which took down the LockBit ransomware operation, and examined leaked data from LockBit 4.0.
Smeets compared press reporting of 100 companies that paid ransomware with reporting on 100 companies that refused to pay.
“It turns out that you are more likely to have a story written about you if you have paid than if you have not paid,” he said in an interview with Computer Weekly.
Smeets’ conclusions fly in the face of claims by criminal ransomware gangs that companies that pay up can avoid bad publicity. He calls it the Streisand effect, whereby in paying a ransom to avoid publicity, companies end up attracting the very publicity they are trying to avoid.
You are more likely to have a story written about you if you have paid [a ransom] than if you have not paid Max Smeets, ransomware expert
Law enforcement has long argued that companies should not pay ransom fees because it supports the ransomware ecosystem and there is no guarantee that they will get their data back.
“What the data also suggests is that you also shouldn’t pay if you are afraid of public exposure,” said Smeets, speaking to Computer Weekly at the Black Hat security conference in London.
The art of the bad deal
Smeets’ analysis also revealed just how ill-prepared many organisations were when negotiating ransomware payments with LockBit’s criminal affiliates.
Some companies told crime gangs upfront that they were desperate to get their data back as they had no backups, putting them instantly on the back foot in negotiations.
Others tried unsuccessfully to win sympathy with the hackers by claiming that they couldn’t afford to pay the ransom, or that they served the local community.
Smeets also found that some victims had sent ransomware gangs copies of their insurance documents to show how much they could afford to pay.
Ransomware victims that pay up are more likely to hit the headlines than those that refuse
His findings show that companies need to be better prepared for ransomware negotiations if the worst happens.
“There is a major opportunity, especially for small and medium-sized enterprises, to become better in understanding how to engage with these criminals without making extreme and obvious mistakes,” he said.
LockBit’s criminal affiliates follow a standard playbook for negotiating ransom payments, which typically involves demanding an initial ransom, offering to decrypt two files for free, and threatening to leak data if organisations don’t pay up.
Smeets found that the criminal groups have so many victims that they don’t spend time analysing the data they capture to look for compromising material that could push up the value of a ransom demand – they are more interested in the next victim.
If companies don’t pay up within a few weeks, affiliates may be inclined to assume that their victim’s lack of desperation may mean their ransomware attack did not cause much damage. They may be willing to accept smaller payments in return for an agreement not to publish the hacked data.
The trust paradox
Ransomware groups like LockBit deceive and steal, but somehow have to convince victims that they are trustworthy enough to restore their data in return for a ransomware payment, so reputation matters.
Operation Chronos not only destroyed the infrastructure of LockBit, but also destroyed its reputation, Smeets’ research shows.
In February 2024, the international police operation seized LockBit’s servers, its administrative hub, its public-facing website and its internal communications.
“The NCA not only went after their technical infrastructure, but also tarnished their reputation by disclosing their lies,” he said.
For example, the group said it would ban the affiliates that hit a children’s hospital in Toronto – it didn’t, said Smeets. LockBit also promised to delete victims’ data from its servers if they agreed to pay, but often didn’t.
When criminal gangs attempted to revive LockBit in December 2024, its reputation had been irretrievably damaged.
Before Operation Chronos, between May 2022 and February 2022, 80 affiliates of LockBit 3.0 received ransomware payments.
LockBit 4.0, an attempt to resurrect the ransomware operation after the police take-down, only received eight ransomware payments between December 2024 and April 2025, according to Smeets’ research.
“LockBit is so tarnished that even if it can put up its infrastructure again, it’s a shadow of its former self,” he said.
Operation Chronos could form a blueprint for future ransomware takedowns by destroying not just the infrastructure but also the reputations of ransomware gangs.
Smeets hopes to conduct further research into the relationship between paying ransoms and negative press coverage to test his initial findings.
Right now, a partial government shutdown has meant that thousands of Transportation Security Administration (TSA) workers have not been paid for several weeks, causing many to call out of work or quit. That has meant long security lines—more than three-hour waits—ensuing chaos at airports around the country. It’s unclear how long this mess will last, so it’s worth thinking about other options.
Flights are also expensive and hard on the environment. If you can take a bus, train, or ferry to your destination, why shouldn’t you? These travel search apps help you find routes and prices so you can compare them and make the best decision.
Wanderu
Best for Buses and Trains in the US and Canada
In the US and Canada, Wanderu is my go-to search aggregator for travel by bus or train (it works in Europe and the UK, too). Wanderu is your classic travel aggregator, looking up the schedules and prices across several bus and train operators, including Amtrak, BestBus, Flixbus, Greyhound, OurBus, Peter Pan, RedCoach, Vamoose, and others.
You see price comparisons at a glance, as well as options for upgraded class fares, departure and arrival times, and the location of each bus and train station, since sometimes you can save a lot of time by choosing one point over another. Filters help you narrow down your results based on your preferences, and you can book right from the app.
Omio
Compares Trains, Buses, Flights With Excellent Summaries
If you aren’t sure whether you want to travel by land or air, head to Omio. Type in your departure point, destination, and the date you want to travel, and Omio finds routes by plane, bus, and train. A concise summary at the top of the search results tells you the lowest fare and how long it will take for each mode of transportation, so you can make an informed decision quickly. Omio also shows whether the fare will be higher or lower if you travel on a different day of the same week, in case your dates are flexible.
Rome2Rio
Includes Comparison for Driving
Rome2Rio compares prices and times for travel by bus, train, flight, and driving yourself, based on estimated fuel costs. It works reasonably well for trips in the US and Canada. Rome2Rio touts itself as being for worldwide travel, though Europe and the UK seem to be its sweet spot. Elsewhere, take the approach of “trust, but verify,” and this app will take you places.
Virail
Compares Buses, Trains, and Flights
Virail is similar to Omio, comparing travel options by train, bus, and flight, with a neat summary of prices at the top of the search results, although it lacks the total travel time. For that, you have to scroll through the results. To book a ticket, Virail sends you to other websites, and you might have to do additional legwork to reserve your seat. It works reasonably well in the US and Canada (in testing, it got a little tripped up in Mexico), and does well for travel in Europe and the UK.
Vivanoda
Includes Flight and Carpool
Vivanoda (website only, no app) is similar to Omio, comparing all your options for getting between two points—and it includes flights, ferries, and carpool/rideshare options when applicable. The site operates out of the European Union and seems to work slightly better for travel in Europe and the UK than in the US and Canada, where it has some holes. (It didn’t find a direct flight between San Francisco and Vancouver, for example, even though there is more than one daily.)
Seat 61
Best Old-School Site for Trains and Bus Info Worldwide
Seat61, also known as The Man in Seat 61 (website only), has an old-school look and some of the best, most reliable information about traveling by bus and rail all around the world. Mark Smith, who runs the site, tells you exactly where in the world he knows about the train and bus routes: The site lists all the countries it covers on the left side, everywhere from Albania to Zimbabwe. He shares timetables, prices, and even includes photos, though his site is not a search aggregator, and you do have to go elsewhere to book. That said, it’s an excellent resource.
Financial services firms, content providers, neocloud companies and hyperscalers are all claimed to be among the primary beneficiaries of a digital infrastructure from Colt Technology Services linking the US West Coast to Asia.
The announcement marks the latest phase of the global digital infrastructure company’s global network expansion, and the investment it made in the infrastructure is said to support customers’ international growth strategies and include a transpacific subsea cable route linking the US and Japan.
Colt says the expansion elevates it from its position as the largest European B2B fibre provider to one of the largest in the world, reinforcing its role as a key player in the global digital infrastructure market.
The enhanced infrastructure is seen by Colt as strengthening its network resilience for organisations – by delivering secure, high‑performance backup and routing options for mission‑critical applications. Congested networks mean lags, delays and service interruptions – expensive setbacks which stall progress.
Colt’s network investment is designed to directly addresses surging demand driven by AI traffic. The infrastructure is attributed with giving customers greater choice of offerings, performance and cost, especially for busy transpacific routes already under pressure from rising traffic volumes.
As part of the investment, Colt will deliver a transpacific backbone route through Juno – one of the world’s newest and most advanced subsea cable systems – connecting Tokyo, Japan to Los Angeles on the West Coast of the US.
Having come into service in May 2025 and operated by Seren Juno Network Co, the Juno cable is around 11,700km (7,270 miles) long and engineered to deliver up to 350Tbps across 20 fibre pairs, using next-generation Space Division Multiplexing technology. In Japan, it lands at Minamiboso (Chiba Prefecture) and Shima (Mie Prefecture), connecting with Grover Beach, California. It extends to terrestrial points of presence in Tokyo, Osaka, Los Angeles and San Jose.
The Colt network is intended to offer customers a diverse route, connecting Colt’s existing terrestrial networks in Japan and the US, providing greater resilience and higher bandwidth options to provide greater resilience on transpacific services.
This is said to make the services ideal for businesses with global operations across Asia and the US. Another benefit is said to be an expansion in the global digital footprint, extending its “on-net” capabilities. Colt can connect directly into multiple sites across Tokyo, with on‑net coverage throughout the city’s key metro datacentres.
Commenting on the expansion, Buddy Bayer, chief operating officer of Colt Technology Services, said: “The world’s economies run on digital infrastructure, but there will come a point when existing capacity across some routes isn’t enough. This risks disrupting or even reversing the progress countries have made in connecting markets, organisations and societies. At Colt, we have a deep commitment to solving problems for our customers so they can grow and scale. This investment in our digital infrastructure connecting the US West Coast to Tokyo, Japan not only solves the capacity problem for our customers – it’s also a gateway to global growth.”
News of the new subsea infrastructure comes shortly after Colt announced an expansion and investment into new routes connecting the East Coast of the US to Europe. Specifically, the low-latency routes along the US East Coast and between the US East Coast and Europe are designed to “supercharge” capacity for customers as AI traffic surges across what is said to be the world’s busiest data pathway.
Anthropic won a preliminary injunction barring the US Department of Defense from labeling it a supply-chain risk, potentially clearing the way for customers to resume working with the company. The ruling on Thursday by Rita Lin, a federal district judge in San Francisco, is a symbolic setback for the Pentagon and a significant boost for the generative AI company as it tries to preserve its business and reputation.
“Defendants’ designation of Anthropic as a ‘supply chain risk’ is likely both contrary to law and arbitrary and capricious,” Lin wrote in justifying the temporary relief. “The Department of War provides no legitimate basis to infer from Anthropic’s forthright insistence on usage restrictions that it might become a saboteur.”
Anthropic and the Pentagon did not immediately respond to requests to comment on the ruling.
The Department of Defense, which under Trump calls itself the Department of War, has relied on Anthropic’s Claude AI tools for writing sensitive documents and analyzing classified data over the past couple of years. But this month, it began pulling the plug on Claude after determining that Anthropic could not be trusted. Pentagon officials cited numerous instances in which Anthropic allegedly placed or sought to put usage restrictions on its technology that the Trump administration found unnecessary.
The administration ultimately issued several directives, including designating the company a supply-chain risk, which have had the effect of slowly halting Claude usage across the federal government and hurting Anthropic’s sales and public reputation. The company filed two lawsuits challenging the sanctions as unconstitutional. In a hearing on Tuesday, Lin said the government had appeared to illegally “cripple” and “punish” Anthropic.
Lin’s ruling on Thursday “restores the status quo” to February 27, before the directives were issued. “It does not bar any defendant from taking any lawful action that would have been available to it” on that date, she wrote. “For example, this order does not require the Department of War to use Anthropic’s products or services and does not prevent the Department of War from transitioning to other artificial intelligence providers, so long as those actions are consistent with applicable regulations, statutes, and constitutional provisions.”
The ruling suggests the Pentagon and other federal agencies are still free to cancel deals with Anthropic and ask contractors that integrate Claude into their own tools to stop doing so, but without citing the supply-chain-risk designation as the basis.
The immediate impact is unclear because Lin’s order won’t take effect for a week. And a federal appeals court in Washington, DC, has yet to rule on the second lawsuit Anthropic filed, which focuses on a different law under which the company was also barred from providing software to the military.
But Anthropic could use Lin’s ruling to demonstrate to some customers concerned about working with an industry pariah that the law may be on its side in the long run. Lin has not set a schedule to make a final ruling.
Entertainment1 week ago
Fashion6 days ago
Sports7 days ago
Sports7 days ago
Fashion1 week ago