Recent reports of SCADA/ICS proof-of-concept ransomware have spurred fresh discussion on the topic. Ransomware is a product with negative value, where the victim can avoid costs by paying for the product. The attacker is incentivized to choose a ransom price that is within the victim’s ability to pay, and does not exceed what the victim considers the potential loss value. The higher the likelihood (perceived) that the resource will not be restored, the lower the expected return for paying the ransom, driving down the “value””]
Source: https://www.govinfosecurity.com/blogs/economics-ransomware-p-2466