This article was written in partnership with Daniel Woodhouse, Wouter Veugelen, Cameron Morse and Natasha Passley of FTI Consulting.
Ransomware and data extortion attacks are unfortunately becoming increasingly common (see for example, high-profile attacks on Canva[1], Latitude Financial[2] and recently the Legal Practice Board of Western Australia).[3] These attacks typically involve a party (commonly referred to as a ‘threat actor’) accessing and encrypting a company’s systems, and/or exfiltrating (stealing) personal and commercially sensitive information from the company. The threat actor then threatens to destroy the key that would otherwise decrypt the impacted system(s), and/or release the exfiltrated data publicly unless…