Just over one year ago, experts suggested that ransomware attacks had begun to decline. But then 2023 got underway and blew that theory out of the water. In fact, according to Malwarebytes, ransomware attacks in 2023 soared 70 percent higher than 2022. Ransomware in 2024 promises more pain, but last year’s lessons help guide proactive security strategies.
Threat actors still overwhelmingly use phishing emails to launch their attacks. And they continue to exploit known vulnerabilities on unpatched systems. Some things never change. But the nature of these attacks constantly evolves. Like studying the opposing team’s game plays, understanding current trends can help organizations shape their defense.
In the first place, we have seen ransomware gangs increasingly turn their attention to supply chain attacks. For instance, in May 2023, a Russian gang exploited a zero-day vulnerability in MOVEit, a file transfer platform used by thousands of organizations around the world. The attack affected over 2500 organizations and 67 million people.
In a related development, threat actors have upped their attacks against high-value or high-profile organizations. This big-game hunting targets companies with treasure troves of sensitive data, strict compliance requirements, and complex systems. With so much at stake, the organizations are more likely to pay.
Next, enter double and triple extortion schemes. In the old days, attackers entered the system, encrypted information, and demanded a ransom. Now they both encrypt data and exfiltrate data to an external location. Finally, they demand payment for a decryption key, as well as for not leaking the information.
Experts have also noted a rise in “follow-on” extortion attacks. In these attacks, fake “security researchers” contact ransomware victims and offer assistance in exchange for Bitcoin payments.
Several factors make these evolving ransomware attacks particularly difficult to prevent and address. For instance, ransomware-as-a-service (RaaS) and AI have streamlined the process and made it easier for even less experienced criminals to launch successful attacks.
In addition, 5G networks have given rise to vast numbers of connected devices, with over half the world’s data projected to come from IoT devices by 2025. While this represents a boon for industry, every IoT device adds another possible entry point for hackers. Similarly, frequently lax security on mobile devices exposes both personal and business data to attack.
Finally, the cyber security skills gap continues to grow. Currently, the gap stands at 3 million people. Organizations simply do not have the security personnel they need to protect against growing threats.
Responding to evolving ransomware threats, the Cybersecurity and Infrastructure Security Agency (CISA) has released updated guidelines that include the following:
With a widening cyber security skills gap, many organizations find these security recommendations overwhelming. But even small businesses can tap into enterprise-grade cyber security by partnering with a managed services provider such as eMazzanti Technologies. Our security experts will tailor a comprehensive solution to your specific environment and budget.
Data is an increasingly valuable asset that can drive strategic decision-making, enhance operational efficiency, and…
Choosing the right email infrastructure is a critical decision for any business. Since email is…
Machine learning (ML) is one powerful way to enable computers to learn on their own…
In the fast-paced digital world of the 21st century, businesses need tools to optimize communication,…
What if you could have a business expert available 24/7 that understands your business and…
Reviewing expenses, vendors, and pricing strategy can put your business in a fantastic position to…