The international community has adopted binding and non-binding instruments aimed at combating cybercrime and enhancing cybersecurity measures. While many of these instruments are not specifically tailored to ransomware attacks, they provide a framework for addressing cybercrime offences and cybersecurity incidents, including ransomware incidents.

• Council of Europe: Budapest Convention and Explanatory Report
• Council of Europe: Second Additional Protocol to the Budapest Convention and Explanatory Report
• Council of Europe: Ransomware Guidance Note
• EU: Regulation (EU) 2023/1543 of the European Parliament and of the Council of 12 July 2023 on European Production Orders and European Preservation Orders for electronic evidence in criminal proceedings and for the execution of custodial sentences following criminal proceedings
• EU: Directive (EU) 2023/1544 of the European Parliament and of the Council of 12 July 2023 laying down harmonised rules on the designation of designated establishments and the appointment of legal representatives for the purpose of gathering electronic evidence in criminal proceedings
• EU: Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union
• EU: Regulation (EU) 2019/881 Cybersecurity Act
• EU: Directive NIS (EU) 2016/1148 on concerning measures for a high common level of security of network and information systems across the Union
• EU: Regulation (EU) 2016/679 on General Data Protection Regulation
• EU: Directive (EU) 2013/40 on Attacks against Information Systems
• EU: The Digital Services Act 
• EU: The Digital Services Act package