Okay, picture this: Your grandma, bless her heart, finally figures out TikTok. She’s uploading super cute kitty videos, getting millions of views… and then all of a sudden BAM! Ransomware. Some nefarious weirdo kuchan all her virtual assets, and takes down the whole shebang, asking for Bitcoin to restore Fluffy’s best songs. Absurd, right? That absurdity happens every single day. It’s incredibly maddening that we’re still funding it in 2025.

Blaming Users? That's B.S.!

Users are not the weak link – that harmful story is a convenient falsehood. Corporations propagate this myth to distract attention away from their own obvious and shameful security lapses. Oh, Grandma clicked a dodgy link? Sure. What led to the systemic failures that allowed that link, full of malware, to land in her inbox? We can’t let this fly under the radar. Let’s not mince words, that M365 “Direct Send” vulnerability? Is Brother printer’s default password really based on their serial number? Those aren't user errors. Those are negligence errors. It’s akin to pointing the finger at a homeowner when their foundation cracks due to the contractor skimping out and using low-quality concrete.

It’s high time we quit pretending that users are the only line of defense against nation-state level attacks. Yes, security awareness training is important, but it's a band-aid on a bullet wound when corporations aren't pulling their weight.

Security? Or Just Stock Prices?

Here’s a news flash: corporations are not incentivized to prioritize your security. They're incentivized to maximize profits. Investing in robust cybersecurity infrastructure costs money. Patching vulnerabilities takes time and resources. Cutting the checks for breach settlements directly impacts the bottom line. So, what do they do? Their only option is to cut corners, downplay risks and pray they don’t get hit. And when they do get hit, they quietly pay the ransom, hoping it all blows over before their stock price tanks.

This has to stop. We need stricter regulations with teeth. Corporations that fail in even the most basic precautions to protect their users data must be subject to crippling fines and potential criminal indictment. Think about it - if a company's leadership were personally liable for the cost of a ransomware attack, wouldn't they suddenly become much more interested in cybersecurity?

Backups Failing? That's Convenient...

The backup usage being at a six-year low—that’s something that should be alarming. Are backups failing? Are restoration processes too complex? In reality, are organizations just not telling the truth about having backups, trying to go for a lower ransom in the negotiations? Whatever the reason, it points to a disturbing trend: the very safety nets we rely on are becoming increasingly unreliable.

Community > Corporations

We may be waiting on corporations to do the right thing, but communities are not waiting. Open-source security tools, collaborative threat intelligence sharing platforms, and mutual support networks are proving to be incredibly effective in fighting back against ransomware. Grassroots efforts run on the profound sense of duty. Human beings are moved by the most profound instinct of all — the impulse to save each other from great injury. Together, they show that when we work together, it isn’t corporate pledges but our own activism that leads to a safer and more secure future.

Time To Fight Back - Here's How

We must not wait one more day as ransomware gangs threaten the safety and security of our digital lives. Here's how we fight back, together:

  1. Demand Better MFA: Don't just accept multi-factor authentication. Demand your bank, your email provider, everyone implements it correctly, with options beyond SMS (which is easily intercepted).
  2. Support Legislation: Advocate for laws that hold companies accountable for data breaches and incentivize them to invest in robust cybersecurity. Contact your representatives and let them know this is a priority.
  3. Fund Cybersecurity Education: Push for government-funded cybersecurity education programs for small businesses. These are the most vulnerable targets, and they need our help.
  4. Embrace Open Source: Support and contribute to open-source security projects. These tools are often more secure and transparent than their proprietary counterparts.
  5. Share Information: Talk to your friends, family, and colleagues about ransomware. The more people are aware of the risks, the better equipped they will be to protect themselves.

The ransomware party isn't inevitable. It's a choice. A terrible choice we’re making by allowing corporations to evade accountability when their choices put affect our security and allowing governments to do the same while taking no action. Let's choose a different path. Let’s reject those who seek to undermine our democracy and empower the powerful and commit ourselves to a more secure future, together. Because Grandma's cat videos deserve nothing less.