Home  | Regents’ Risk Radar

The ransomware industry is thriving, not losing.

The ransomware industry is thriving, not losing. The victims are private companies and organisations, facing financial extortion or the atrocious reality that their crucial data being exposed online.

The ransomware landscape indeed seems to be evolving in favour of attackers, even as law enforcement efforts continue to dismantle certain groups. Notably, 2024 is seeing record-breaking ransom payouts and increasing extortion tactics, underscoring the industry’s profitability and persistence. As high-profile cases like Change Healthcare’s $22 million ransom to the ALPHV group show, ransomware remains lucrative despite the occasional infighting within these criminal organizations.

With newer, often younger hackers joining the fray, and the rise of “data theft-only” attacks, the threat environment is diversifying. These attackers are opting for less data-heavy but equally coercive techniques, aiming to create chaos and extract payments without the complexity of handling large data troves.

Groups like Scattered Spider even threaten real-world violence, a disturbing development that shows a willingness to cross new boundaries to ensure victims comply with demands.

The Biden administration’s global ransomware task force and the push for international intelligence sharing have brought new tools and collaborations to the fight against ransomware.

Yet, the impact of U.S. leadership on global cybersecurity policy is crucial. A shift in U.S. willingness to lead or share intelligence could hinder law enforcement’s ability to counter these threats effectively.

Proposals to ban ransomware payments face the challenge of securing broad international agreement, given differing national policies and cybercrime frameworks.

Private companies and organisations should enact defensive measures, such as securing and segmenting data backups, encrypting sensitive data, and implementing robust monitoring systems to thwart Ransomware attacks.

These steps should help private companies and organisations protect themselves from ransomware attackers and reduce the likelihood of hefty payouts or have their and clients’ data being blasted on the dark web or internet.

 

Need Professional Advice?

Our experts provide tailored solutions to uncover critical insights, resolve complex challenges, and safeguard your business integrity.