Apr 18, 2023

One thing I think is worth mentioning is that the extortion effect of stolen data is nowhere near as potent as that of data encryption. Companies are almost always more sensitive to availability risks than to confidentiality risks.

Plus, once a criminal crew has stolen your data, you would have to trust them to honor their pledge not to sell it on the black market anyway after you pay them not to. 🤔 So I think most companies not only will but will have to, for compliance reasons, disclose the data as stolen themselves and refuse to pay on that basis alone.

That difference, and increased offensive action against criminal crews by Five Eyes governments, are IMHO the most likely explanation for the recent drop in ransomware payments.

Ransomware attacks may become irrelevant due to changes in attacker motivations and technological advancements. Those attacks have historically been motivated by financial gain, but attackers are increasingly focused on stealing sensitive data for espionage or other purposes. Additionally, advances in cybersecurity, such as the use of artificial intelligence, moving target defense and blockchain technology, may make ransomware attacks more difficult to execute. However, the article acknowledges that ransomware attacks are still a significant threat and that organizations should continue to take steps to protect themselves.

