I attended Infosec Europe 2025 to stay updated on security trends and new products. There were some great presentations, but I particularly enjoyed the one on handling ransomware attacks when your security measures fail. I was surprised to learn that some of the organizations behind these attacks operate like sophisticated businesses and are subject to Trade Sanctions. This means that if you decide to pay them, you risk facing criminal prosecution or significant fines. If you get to the stage where paying is the only option, It’s a case of being “damned if you do, damned if you don’t.”