Ransomware and data extortion attacks are unfortunately becoming
increasingly common (see for example, high profile attacks on
Canva,1 Latitude Financial2 and recently the
Legal Practice Board of Western Australia).3 These
attacks typically involve a party (commonly referred to as a
‘threat actor’) accessing and encrypting a company’s
systems, and/or exfiltrating (stealing) personal and commercially
sensitive information from the company. The threat actor then
threatens to destroy the key that would otherwise decrypt the
impacted system(s), and/or release the exfiltrated data publicly
unless its demands for payment are met.
While the identity of the threat actors, the degree and nature
of the attack including the…