Analytics company GlobalData warns ransomware attacks in 2024 are set to reach record levels amid intensifying geopolitical tensions, highlighting the need for a coordinated global response and robust incident response strategies.
GlobalData flags the threat in its latest Thematic Intelligence report, Deep Dive into Ransomware. The report emphasises the rise of sophisticated extortion tactics and increasingly aggressive and persistent cyber threats. The company says 2023 was the third-worst year on record for ransom attacks and the worst for payments, which reached over USD1 billion.
“Companies are under constant threat from ransomware attacks and, once breached, must decide whether to pay the ransom to recover their operations and data,” says GlobalData’s Principal Analyst of Thematic Intelligence, David Bicknell. “The surge in attacks reflects a shift toward a more aggressive ransomware landscape. What began as phishing-led incursions requiring decryption keys has evolved into sophisticated extortion, where attackers post victims’ data on the dark web, leading to further attacks by other groups.”
Companies that have suffered ransomware attacks include Boeing, Caesars Entertainment, MGM Resorts, Change Healthcare, Royal Mail, Johnson Controls, the UK’s National Health Service, Sony, Capita, and Dish Network.
“Government and cyber authority action on ransomware and ransom payments must be coordinated and international,” adds Bicknell. “Countries will fail to combat bad actors if they spend their time trumpeting their own cybersecurity credentials and competing with other nations. The battle against ransomware can only be won if countries, cyber authorities, law enforcement, and companies work together.”
“High-profile law enforcement takedowns are increasingly disrupting ransomware gangs,” said GlobalData Associate Analyst Jordan Strzelecki. “Successful action against Hive, LockBit, and AlphV temporarily stemmed the tide of attacks and warned cybercriminals that their days could be numbered. However, the ransomware industry is never static, and new gangs continually emerge to replace those that have been taken down or have become less effective. Gang affiliates are taking a larger slice of ransom payments and are making repeat attacks. Ransomware gangs are now actively competing to attract talent.”
“Every business must develop and test an incident response plan, see the bigger picture around paying ransoms, and stay informed about ransomware developments to protect their organisations in the event of a successful attack.”