The Ransomware Playbook - Prevent and Prepare
Helping to understand and address the risk of a ransomware attack
22 December 2020
This publication aims to help companies understand and address the risk of a ransomware attack. It provides guidance on how to prevent and prepare for ransomware attacks, what to do if and when a company is the victim of such an attack, important legal considerations from different key jurisdictions, and describes how Clifford Chance can help.
Ransomware attacks have drastically increased and become more sophisticated in the wake of the COVID-19 pandemic.
Even before this uptick, cybersecurity professionals had predicted global damages from ransomware to reach USD 20 billion in 2021, over 50 times higher than the cost in 2015. In a survey conducted in early 2020 of 5,000 IT managers employed by a range of organizations across 26 countries, over half reported being the target of a ransomware attack—and 75% reported that attackers were successfully able to infect their systems.
In addition to costing companies millions of dollars, ransomware attacks have also become a significant source of regulatory and reputational risk. As privacy and data security increasingly penetrate the global zeitgeist, reports of ransomware attacks have become regular fixtures in international news publications across the globe.
Types of Ransomware attack
- “Locker” ransomware attacks directly block access to a device or system. In such an attack, underlying data remains intact.
- “Crypto” ransomware attacks encrypt data, rendering it unreadable. Devices or systems remain accessible, but data cannot be processed without a decryption key.
A ransomware attack combines malicious software (malware) with extortion. Attackers infect devices or systems with malware to block access, demanding payment to restore access and sometimes to avoid dissemination of exfiltrated data.
In this playbook we sets out: -
- what an attack looks like
- the best way to defend against ransomware
- responding if you are attacked
- regulatory examples of the regulatory considerations that must be taken into account when responding
- how Clifford Chance's global tech group cyber security experts can help both prepare and prevent.