When an organization is exposed to a so-called ransomware attack, criminals enter the IT systems.
There, they can collect information and make information, or entire systems, unusable and threaten to make sensitive information available online.
Something that also happened recently for the listed security company Gunnebo.
In order to regain control of their IT systems, the organization is required to pay a ransom.
Expert: Should consider law against payments
Sweden is one of the countries that pays large sums of money for this type of attack.
It shows a survey conducted by the British cybersecurity company Sophos where they asked 5,000 IT managers in 26 countries how often they pay.
Sweden comes in second place, and is the country with the highest costs for setting up the systems after ransomware attacks.
- It's a shame and I think one should consider a law against paying ransoms for this type of attack.
More and more countries are looking at such legislation.
If you pay, you finance these criminal groups, says Fredrik Blix, PhD in cyber security at Stockholm University.
"Can't be sure it works"
The Swedish Civil Contingencies Agency, MSB, also believes that the ransom should not be paid.
- We do not recommend that you pay as you can not be sure that it works and if you pay you benefit this industry to continue to make such attacks, says Peter Jonegård, unit manager for incident management at MSB / Cert-se.
MSB warned this week that Swedish healthcare could also be affected by ransomware attacks.