Record Level of Ransomware Attacks Forecast for 2024

Last year, ransomware attacks were once again at the forefront. According to the ‘Deep Dive into Ransomware’ report by GlobalData’s Thematic Intelligence, which cites Chainalysis, it was the worst year ever for payments with more than $1 billion.

It is also in the top three worst years in terms of attacks, directly at number three.

Things do not seem to be getting any better this year. GlobalData forecasts that ransomware attacks will reach record levels.

Companies across the board are affected by this threat, now focusing on more elaborate extortion tactics.

Organisations that have already fallen victim include Sony, Boeing, Royal Mail, Johnson Controls and the UK’s National Health Service.

‘What began as targeted phishing raids requiring decryption keys has evolved into sophisticated extortion, where attackers publish victims‘ data on the dark web, leading to further attacks by other groups,’ says David Bicknell, principal analyst at Thematic Intelligence at GlobalData.

‘Businesses are under constant threat from ransomware attacks and, once breached, must decide whether to pay the ransom to recover their operations and data,’ he says.

The increase in attacks reflects a shift towards a more aggressive ransomware landscape,’ he adds.

‘Action by governments and cyber authorities against ransomware and ransom payments must be coordinated and international,’ he continues.

‘Countries will fail in the fight against malicious actors if they spend their time touting their own cybersecurity credentials and competing with other nations,’ he warns.

‘The battle against ransomware,’ Bicknell stresses, ’can only be won if countries, cyber authorities, law enforcement and businesses work together.

Jordan Strzelecki, associate analyst for Thematic Intelligence at GlobalData, notes that ‘high-profile takedowns by law enforcement are increasingly disrupting ransomware gangs’.

‘The successful actions against Hive, LockBit and AlphV temporarily stemmed the tide of attacks and sent a warning to cybercriminals that their days may be numbered,’ he notes.

‘However,’ he qualifies, “the ransomware industry is never static and new gangs continually emerge to replace those that have been dismantled or have become less effective”.

‘Affiliates of the gangs are taking a bigger slice of the ransom payments and carrying out repeated attacks,’ Strzelecki notes. ‘Ransomware gangs are now actively competing for talent.

At this point, ‘all companies should develop and test an incident response plan, look at the big picture around ransomware payments, and stay informed about ransomware developments to protect their organisations in the event of a successful attack’.