International. Amid heightened geopolitical tensions, ransomware attacks in 2024 are projected to reach record levels, increasing the risks faced by businesses around the world.
There is a shift towards more sophisticated extortion tactics, highlighting the urgent need for coordinated global action and robust incident response strategies as organizations face increasingly aggressive and persistent cyber threats, says GlobalData.
GlobalData's latest thematic intelligence report, “Deep Dive into Ransomware”, reveals that 2023 was the third-worst year on record for ransomware attacks and the worst for payouts, which reached more than $1 billion, according to Chainalysis.
David Bicknell, Principal Thematic Intelligence Analyst at GlobalData, comments: “Businesses are under constant threat from ransomware attacks and, once they suffer a breach, they must decide whether to pay the ransom to recover their operations and data. The rise in attacks reflects a shift towards a more aggressive ransomware landscape. What began as phishing raids requiring decryption keys has evolved into sophisticated extortion, with attackers publishing victims’ data on the dark web, leading to further attacks by other groups.”
Companies that have suffered ransomware attacks include Boeing, Caesars Entertainment, MGM Resorts, Change Healthcare, Royal Mail, Johnson Controls, the UK’s National Health Service (NHS), Sony, Capita and Dish Network.
Jordan Strzelecki, Associate Thematic Intelligence Analyst at GlobalData, adds: “High-profile takedowns by law enforcement are increasingly disrupting ransomware gangs. The successful actions against Hive, LockBit and AlphV temporarily stemmed the tide of attacks and sent a warning to cybercriminals that their days could be numbered. However, the ransomware industry is never static and new gangs continually emerge to replace those that have been dismantled or become less effective. Gang affiliates are pocketing a larger share of ransom payments and are conducting repeat attacks. Ransomware gangs are now actively competing to attract talent.”
Bicknell continues: “Governments and cyber authorities’ actions in relation to ransomware and ransom payments need to be coordinated and international. Countries will not be able to combat malicious actors if they spend their time promoting their own cybersecurity credentials and competing with other nations. The battle against ransomware can only be won if countries, cyber authorities, law enforcement and businesses work together.”
Strzelecki concludes: “All organizations should develop and test an incident response plan, look at the bigger picture around ransom payments, and stay informed about ransomware developments to protect their organizations in the event of a successful attack.”
Leave your comment