We have seen that in DDoS extortion attacks (Chapter 7, Other Forms of Digital Extortion) that cyber criminals warn against informing the law authorities. But the law authorities should be informed about any such incident. They can work with other organizations to stop attacks. There have been cases where the law authorities had sinkholed malware domains with the help of internet service providers (ISPs). Sinkholing is the process of redirecting malware traffic to a controlled computer. We have already mentioned that, quite often, ransomware try to contact the C&C server to fetch keys that can be used to encrypt files on the victim machine. If this communication is sinkholed then the ransomware attack can be halted. The law authorities may be able to create awareness and go after the criminals.