Many victims of ransomware[1] aren't reporting attacks to police, making it harder to measure the level of crime and to tackle the gangs involved.
Europol's Internet Organised Crime Threat Assessment 2020[2] report details the key forms of cyber crime which pose a threat to businesses right now and ransomware remains one of the main concerns, especially as these gangs increasingly display high levels of skill and sophistication.
In many cases, ransomware gangs don't just encrypt the network with malware[3] and demand hundreds of thousands or millions of dollars in bitcoin, they'll also threaten to leak stolen sensitive corporate files or personal data[4] if they don't receive a payment.
And while ransomware is one of the most high profile forms of cyber attack, Europol's report warns that it remains an under-reported crime as many organisations still aren't coming forward to law enforcement after falling victim.
Several law enforcement agencies across Europe say they've only heard of ransomware cases via reports in local media.
The report suggests that approaching police to start a criminal investigation was "not generally a priority" for victims, who are more concerned with maintaining business continuity and limiting reputational damage. For some, the idea of getting law enforcement involved could be seen as a risk to their reputation.
SEE: Security Awareness and Training policy[5] (TechRepublic Premium)
That's why some businesses are choosing to engage with what Europol describes as "private sector security firms" to investigate attacks or negotiate ransom payments[6], instead of approaching the authorities.
Companies do this so evidence of the attack and their response to it can remain outside the public eye, especially given how law enforcement agencies recommend that organisations should never give into the demands of