It seems that the message is (finally) getting through…:
[…] Corporate risk managers are increasingly focusing on protecting their enterprises from business interruption after a series of ransomware attacks on government agencies highlighted the peril of losing access to their computer networks, according to a survey released by Zurich Insurance and Advisen on Thursday.
“In the past, the most attractive targets were organizations with large databases of personally identifiable information that could be stolen and monetized on the Dark Web,” stated Michelle Chia, head of Professional Liability and Cyber for Zurich North America. “While that risk is still with us, criminals are expanding their target lists to include organizations that historically have not had large stores of salable data. The goal is to immediately cash in by taking control of a network until a ransom is paid.”