Even if they are, the result is the same: the hacker loses his ability to collect the ransom, disincentivizing future ransomware attacks. Such an attack is pointless if you know you’ll be prevented from collecting the ransom before you can collect any of it (discounting the nihilists who just want to watch the world burn, who I believe number fewer than we think).
True enough, but it’s been suggested that ransomware attacks are on the rise because they’re simple enough for someone even less competent than a script kiddie to implement. Shutting down the ransom email address at least raises the barrier to entry, meaning those criminals enticed by the ease of making money will stop engaging in ransomware attacks.
