Ransomware attacks create a range of risks to individuals, businesses, communities and critical services, from financial, operational, legal or professional risks to safety and security challenges.

  • Financial risks: Ransom payments, expenses for data restoration, legal fees, and regulatory fines contribute to significant financial losses for victims. Encryption or theft of sensitive data leads to loss, exposure or misuse, potentially resulting in regulatory non-compliance and reputational damage.
  • Operational risks: Locked-out systems and data cause operational disruption, downtime, productivity losses and missed deadlines. Attacks on service providers disrupt supply chains, leading to delays, shortages and increased costs for goods and services. Companies have experienced significant business impact, including loss of revenue, employee layoffs and business closures or the shutting down of operations.
  • Legal risks: Data breaches and inadequate responses to security incidents expose organizations to legal and regulatory consequences, lawsuits, investigations and fines.
  • Reputation risks: The credibility of victims, especially legal persons, could be harmed, as ransomware attacks could call into question the security of their IT infrastructure and of the overall business, eroding trust and loyalty among customers and stakeholders.
  • Professional and personal risks: Important documents such as studies, dissertations and personal files may be irretrievably encrypted or lost. Cherished memories stored in photos, messages and digital memorabilia can vanish, causing emotional distress. The risk of identity theft and exposure of personal information leads to additional harm.
  • Safety and security risks: Attacks on essential services, such as healthcare and utilities, impact critical infrastructures and endanger public safety and societal functioning. Public entities are not able to provide reliable services to citizens, and hospitals are unable to use medical equipment needed for the treatment of their patients. Exploitation of software and system vulnerabilities exposes victims to further attacks and compromises their cybersecurity posture.

 

Ransomware has become too large a threat for any entity or sector to address alone; comprehensive action at all levels is needed to address challenges such as:

  • Limited capacities and capabilities of law enforcement agencies to address technical challenges of such attacks;
  • Lack of interagency coordination and international cooperation between authorities as well as with private sector entities;
  • Lack of domestic legislation that clearly criminalises ransomware attacks;
  • Impact of emerging technologies on ransomware;
  • Evolution of ransomware-as-a-service (RaaS) models;
  • Rise of targeted ransomware attacks;
  • Costly disruptions to operations and the loss of critical information and data. 