Ransomware attacks continue to surge from the levels seen just a few years ago and the threat such attacks present against companies and organisations remains very real – not least because the sums involved also continue to surge. According to a recent report by software company Acronis1, global ransomware damages are predicted to reach more than US$30 billion by next year, with that figure set to increase exponentially, potentially reaching the hundreds of billions of dollars a year within the next decade.
Directors and senior management therefore must not only work to prevent ransomware and other cyber attacks from happening, but be prepared if the company’s cyber defences are breached. One critical point for senior management can be boiled down to the question: to pay or not to pay?
This update highlights some of the key legal issues facing businesses that have suffered a ransomware attack with particular reference to the latest UK guidance and the relevant sanctions regimes.