This article was written in partnership with Daniel Woodhouse, Wouter Veugelen, Natasha Passley and Cameron Morse of FTI Consulting.
Ransomware and data extortion attacks are unfortunately becoming increasingly common (see for example, high-profile attacks on Canva[1], Latitude Financial[2] and recently the Legal Practice Board of Western Australia).[3] These attacks typically involve a party (commonly referred to as a ‘threat actor’) accessing and encrypting a company’s systems, and/or exfiltrating (stealing) personal and commercially sensitive information from the company. The threat actor then threatens to destroy the key that would otherwise decrypt the impacted system(s), and/or release the exfiltrated data publicly…