GDPR fines 'could increase cybercrime ransom demands'

12 Jun 2018

As a result of the introduction of the General Data Protection Regulation (GDPR) last month, cybersecurity firm CrowdStrike has warned that businesses may be lured into paying cyber ransom demands to criminals, rather than pay costly GDPR fines.

Ransomware is a form of malicious software that threatens to publish confidential data, or locks your files until a cyber ransom is paid.

Fines for non-compliance with the GDPR cost up to €20 million, or up to 4% of global turnover, whichever is higher. The GDPR fines have allowed criminals to increase ransom demands, while keeping ransom fees lower than the GDPR penalties.

George Kurtz, Chief Executive of CrowdStrike, stated: ‘If [you have] a 4% fine on your overall top-line revenue, or you have a ransomware that you can pay off and maybe quietly make it go away, I think there’s going to be an interesting dynamic in the amount that the market values paying off enterprise ransomware.’

Many consumers have recently been bombarded with what Security Boulevard, a security bloggers’ network, calls a ‘barrage of new terms and conditions’ from businesses, which are designed to gather and record individuals’ consent in regard to firms’ marketing emails and other communications. Criminals have been taking advantage of the sending of such emails to carry out scams by ‘catching internet users off guard’, according to a report published by Security Boulevard.

If a business finds itself victim of a ransomware attack, business owners should contact the National Cyber Security Centre (NCSC), which provides crisis support to affected firms.

Home | Contact us | Accessibility | Disclaimer | GDPR (including Standard Terms of Business) | Help | Site map |

© 2019 BPU Accountants. All rights reserved.

We use cookies on this website, you can find more information about cookies here.

BPU Chartered Accountants is the trading name of BPU Ltd Company number 3723948 registered in Wales. Registered to carry on audit work in the UK and Ireland and regulated for a range of investment business activities by the Institute of Chartered Accountants in England and Wales.

BPU Financial Solutions Ltd is an Appointed Representative of ValidPath Limited which is authorised and regulated by the Financial Conduct Authority. ValidPath Limited is entered on the Financial Services register ( under reference 197107.

BPU Accountants, Radnor House, Greenwood Close, Cardiff Gate Business Park, Cardiff CF23 8AA
BPU Accountants, The Counting House, Pound Field, Llantwit Major, Vale of Glamorgan CF61 1DL