Businesses are facing a surge of ransomware attacks during the COVID-19 pandemic as cybercriminals exploit employee distraction and the increased attack surfaces due to widespread remote working. Even before the pandemic, ransomware was transforming into a double-damage attack, as several criminal groups began adding theft of sensitive data to the crippling of computer systems. Maze-style attacks, named after the pioneering Maze Group gang, also often include threats to publicize the hack. This checklist offers direction for companies to prepare and respond to these complicated cyberattacks and includes considerations for developing a ransomware plan and a corporate ransomware payment policy, as well as ten immediate communication steps to take after an attack. See also “Managing Ransomware’s Mutation Into a Public Data Breach
” (May 6, 2020).