The Royal United Services Institute, a think-tank, analysed 1,200 ransomware attacks which mostly took place last year. Two of its findings make the extortionist’s incentives clear. The fact that 60% of victims were based in America or had their headquarters there can be explained by Sutton’s law: that’s where the money is. The fact that there were no victims in Russia or most other post-Soviet countries can be explained by other rules—rules about activities which are inappropriate on your own doorstep, or where you eat.
Director, Cyber Research
Stephen Reimer reminds us that 'much of the current ‘conventional wisdom’ around these kinds of actors assumes that terrorist financing and a counterterrorist financing (CTF) response are not relevant to this growing threat'. He has co-authored a report that looks into the methods that some lone actors have used to pay for their activities and whether or not that information can be used to stop more attacks.