Ransomware is one of the greatest threats facing contemporary societies. Its harms are widespread and diverse, impacting physical assets, physical and psychological well-being, as well as trust in domestic and international institutions. To counter the ransomware threat, states have adopted a range of measures—from resilience-building at home to extraterritorial enforcement. These measures do not only have domestic implications. They have various touchpoints with international law. In some cases, especially in relation to extraterritorial law enforcement, they may come into tension with international obligations protecting state sovereignty. In others, states may be required by law to take positive measures to protect the rights of individuals and other states. States must take care in crafting domestic responses, as such responses must not conflict with obligations undertaken under international law. This paper explores the interaction between these domestic measures and relevant international obligations, with concrete examples from domestic practice and state signalling at the inter-governmental level.