International. Amid intensifying geopolitical tensions, ransomware attacks in 2024 are projected to reach record levels, increasing the risks faced by businesses around the world.
There is a shift toward more sophisticated extortion tactics, highlighting the urgent need for coordinated global action and robust incident response strategies as organizations face increasingly aggressive and persistent cyber threats, GlobalData states.
GlobalData's latest thematic intelligence report, "Deep Dive into Ransomware," reveals that 2023 was the third-worst year on record for ransom attacks and the worst for payments, which reached more than $1 billion, according to Chainalysis.
David Bicknell, Principal Analyst for Thematic Intelligence at GlobalData, comments: "Businesses are under constant threat from ransomware attacks, and once they suffer a breach, they must decide whether to pay the ransom to recover their operations and data. The increase in attacks reflects a shift toward a more aggressive ransomware landscape. What started as phishing raids requiring decryption keys has evolved into sophisticated extortion, in which attackers publish victims' data on the darknet, leading to further attacks by other groups."
Among the companies that have suffered ransomware attacks are Boeing, Caesars Entertainment, MGM Resorts, Change Healthcare, Royal Mail, Johnson Controls, the UK's National Health Service (NHS), Sony, Capita and Dish Network.
Jordan Strzelecki, associate analyst for thematic intelligence at GlobalData, adds: "High-profile takedowns by law enforcement are increasingly disrupting ransomware gangs. Successful actions against Hive, LockBit, and AlphV temporarily stemmed the tide of attacks and sent a warning to cybercriminals that their days might be numbered. However, the ransomware industry is never static, and new gangs are continually emerging to replace those that have been dismantled or become less effective. Gang affiliates are keeping a larger portion of the ransom payments and are carrying out repeated attacks. Ransomware gangs are now actively competing to attract talent."
Bicknell continues: "The actions of governments and cyber authorities in relation to ransomware and ransom payments must be coordinated and international. Countries won't be able to combat malicious actors if they spend their time promoting their own cybersecurity credentials and competing with other nations. The battle against ransomware can only be won if countries, cyber authorities, law enforcement and businesses work together."
Strzelecki concludes, "All businesses should develop and test an incident response plan, see the big picture around paying ransoms, and stay informed about ransomware developments to protect their organizations should an attack succeed."
Leave your comment