High-profile attacks on governments, banks, and critical infrastructure often make the news, but small and mid-sized organizations are no less at risk of ransomware, with cybercriminals now shifting their campaigns to fly under the radar of law enforcement .