National Approaches to Ransomware Protection
Governments are developing different policies to counter the increasing ransomware threat, addressing it either as a national security issue, or through law enforcement and multilateral cooperation. Few have publicly articulated a comprehensive approach. A public policy explicitly addressing ransomware can support coordination across domestic agencies and foster international cooperation, argues Nele Achten in this CSS Analysis.
A ransomware attack usually starts with the infiltration of a computer system and the encryption of data using malware. Ransomware is a tool used by nation states, politically motivated hacker groups and criminals alike. Their most frequent motivation is financial gain. If the motive is financial, the encryption phase is followed by a demand to pay a ransom. If the ransom is paid, the victim will usually receive a decryption key to regain access to their data. However, ransomware might also be used for purely destructive or political motives.