The Ransomware Trinity

There are three things that industries ravaged by ransomware tend to have in common.

  1. They have data that is sensitive enough to be protected.

  2. The industry lacks mature defenses.

  3. Someone in the victim ecosystem is willing and able to pay.

So far we’ve seen this in places like:

  • Hospitals

  • Schools

  • Small businesses

  • Home users (to a lesser extent)

But if you look at those criteria, I think you can predict new places that will be targeted in the future. One I think is ripe for it is:

  • Law firms

Think about the data they have. Think about how much effort they’re spending on security. And think about how much money they have to pay ransom.

It’s the perfect mixture.

What other industries should we be watching out for and getting ready to protect?


  1. This also applies to Extortionware, if that ever becomes a thing.

  2. Please do your best not to notice that there is no overlap in this Venn diagram. I blame Google Docs for not having a Venn function. You should too.

