Let's give ransomware its proper name, extortion. Its practitioners care nothing about the consequences of their malignant activities. Ransomware infections were once all opportunistic, disseminated through indiscriminate infection vectors; now they are far more targeted and vicious. The ION Trading incident was a supply chain attack that could have resulted in billions in losses across multiple companies that found themselves innocent bystanders.

Victims risk losing files and suffering financial loss from paying the ransom, lost productivity, IT costs, legal fees, network modifications, and/or the purchase of credit monitoring services for employees/customers.

Threat of Double Extortion. Attackers once encrypted information found on a system, then demanded a ransom in exchange for a decryption key. The criminal gang behind the ION Trading attack, LockBit, added a second level of blackmail with a post on their dark web leak site, shared with Computer Weekly by LeMagIT, stating that they would publish all data stolen from ION on Saturday 4 February at 07:25.

To understand the scale of the threat, consider that ransomware has gone mainstream: there is ‘Ransomware as a Service’ (RaaS), which enables subscribers to use already developed ransomware tools to execute attacks, with subscribers and developers sharing their ‘profits’.


It makes sense: go for the weakest points with the largest potential fallout. Providers of applications and services to banks and financial institutions are plugged in and carry sensitive data, and the impacts will maximise chaos, creating greater incentives for the victims to pay up.

As such, there is an existential threat to global markets, which means business managers must prepare for the worst and, critically, for how to deal with what seems to be the inevitable.


Not addressing the threat of ransomware is merely delaying the inevitable. The fact that ransomware is now mainstream means literally anyone with malicious intent can engage in such activity. Just think of the variety of potential threats, ranging from straightforward extortion to disgruntled employees with an axe to grind.

The Zscaler ThreatLabz research team found ‘ransomware attacks increased by 80% between February 2021 and March 2022 compared to the previous year, setting new records for both the volume of attacks and the cost of damages’. Read their report here.

IBM’s ‘Cost of a Data Breach 2022’ report calculated the average ransom payment was $812,360; however, the total cost to business was $4.5 million per attack.

It is chilling to consider that in 36% of cases where ransomware payments were made, organisations did not recover their data.


The good thing is that ransomware is a known problem, albeit one that will evolve. Our suggested approaches are based upon protection through strong data governance, including:

  • Focus on the data workflows: conduct due diligence on your systems and solutions providers, and ensure they have protective tools in place
  • Don’t stop there; make sure your providers themselves apply upstream due diligence
  • If expertise is not available in-house, engage with professional data governance advisors; fortunately, there are many available
  • If you value your business, invest in defence and people

It is not only good business, it is a lot cheaper. 

Keiren Harris 06 February 2023
