While you're technically right - we are responsible for our security, and we should lock down our networks just like we lock our front doors - this is basically blaming the victim.

In a nice neighbourhood one could probably leave the door unlocked, but unfortunately internet is more like Gangland than Wonderland.

This said, I'm not blaming home users, but IT folks who failed to secure corporate data and should have known better.

I want to upvote you for truth, but HN currently has a meanness problem of which this comment is a specimen.

It's not truth, it hits residential users all the same. As much as we nerds might wish it, you don't deserve to be extorted because you don't understand computers.

I think the article mentions that it's small businesses that are at risk. Most mom and pop shops don't have the greatest IT infrastructure.

What sort of IT infrastructure do they usually have? - My gut reaction was that they wouldn't have a need for a server in the first place, but I guess that depends on how small it is. A simple file-share though, would be rather vulnerable to this.

Have you fully secured your home and office against arson attacks? No? Don't even know how to do so? Didn't think so. Does that mean you deserve what you get if you end up bankrupt in the event of such an attack?