Ransomware Payment: Legality, Logistics, and Proof of Life: Part II: Investigation and Response
Part Two: Investigation and Response
Publication Date: November 6, 2017
This is the second in a three-part series of white papers authored by cybersecurity expert John Reed Stark. The series offers guidance for boards of directors on the legal issues, logistical considerations and financial implications of responding to ransomware threats.
When confronted with a ransomware attack, the options all seem bleak. Pay the hackers – and the victim not only may invite future attacks, but also has no guarantee that the hackers will restore its data. Ignore the hackers – and the victim may incur significant financial damage or even find itself out of business. The only guarantees during a ransomware attack are the fear, uncertainty and dread the victim inevitably experiences. That is why it is critical for every company to approach ransomware response in a thoughtful, careful and meticulous manner, which is the focus of Part Two of this three-part series.
This three-part series of articles provides guidance on the legal issues, logistical considerations and financial implications of managing ransomware threats, including an exposition of the unique issues that can arise when seeking proof of life and when opting to meet the monetary demands of ransomware attackers.
Part One of this series, Background and Reality, provided the keys to understanding the impact of recent ransomware strains, including a discussion of the nature and growth of ransomware; the dangerous aspects of some recent ransomware attacks; and the role (or lack thereof) of law enforcement when managing a ransomware attack.
Part Two of this series, Investigation and Response, examines the intricacies involved in ransomware response, including ransomware investigative tactics; ransomware payment logistics; and the legalities of ransomware response.
Part Three of this series will cover the remaining range of key ransomware essentials, such as notification requirements; ransomware remediation; and ransomware cyber insurance.
***
John Reed Stark is President of John Reed Stark Consulting LLC, a data breach response and digital compliance firm. Formerly, Mr. Stark served for almost 20 years in the Enforcement Division of the U.S. Securities and Exchange Commission, the last 11 of which as Chief of its Office of Internet Enforcement. He also worked for 15 years as an Adjunct Professor of Law at the Georgetown University Law Center, where he taught several courses on the juxtaposition of law, technology and crime, and for five years as managing director of a global data breach response firm, including three years heading its Washington, D.C. office. Mr. Stark is the author of "The Cybersecurity Due Diligence Handbook," available as an eBook on Amazon, iBooks and other booksellers.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.