Europol: Ransomware Attacks are Going Unreported
According to a report from Europol, many ransomware attacks are not reported to police. In some cases, organizations targeted by ransomware bring in "private sector security firms" to manage the response to the attack. The Internet Organised Crime Threat Assessment 2020 "provides a unique law enforcement focused assessment of emerging challenges and key developments in the area of cybercrime."
However an enterprise elects to deal with a compromise resulting in extortion demands, and even though most will never be investigated by law enforcement, they should all be reported via the Internet Crime Complaint Center (IC3). This is about intelligence, not law enforcement. It is essential that we measure the threat rate, sources, and methods.