Thematic Intelligence: Deep Dive into Ransomware

Thematic Intelligence: Deep Dive into Ransomware

Summary

A fall in the number of ransomware attacks in 2022 gave the impression that ransomware attacks were being contained or even controlled. This was a false dawn. 2023 was the third worst year on record for ransom attacks and the worst for payments, which reached over $1 billion, according to Chainalysis. 2024 is on track for a record number of attacks, in part due to intensifying geopolitical tensions.

Key Highlights

• You are never too big to be hit by a ransomware attack. Companies that have suffered ransomware attacks include Boeing, Caesars Entertainment, MGM Resorts, Change Healthcare, Royal Mail, Johnson Controls, the UK’s National Health Service (NHS), Sony, Capita, and Dish Network. No organization, big or small, is immune from a ransomware attack. What is important is how that organization responds to the attack.
• Ransomware gangs are being disrupted by law enforcement takedowns. Law enforcement takedowns against Hive, LockBit, and AlphV have stemmed the tide of attacks. However, the ransomware industry is never static, and new gangs continually emerge to replace those that have been taken down or have become less effective. Gang affiliates are taking a larger slice of ransom payments and are making repeat attacks. Ransomware gangs must now actively compete to attract talent.
• Ransom payments should not face a blanket ban but should be regulated and licensed. The trend is toward authorities cracking down on ransomware payments. This will drive payments underground, making it more difficult for law enforcement to track and combat ransomware operations, among other negative consequences. Instead, ransom payments should be regulated and licensed to enable more controllable, transparent, and accountable payments.

• Ransomware is a type of malware that prevents access to the target’s computer system or data until a ransom is paid to the attacker. It often uses encryption to lock up files or IT systems, holding them hostage until money is paid for a decryption key. This report looks in detail at the issue of ransomware, including analysis of the attack landscape, details of the most prolific ransomware gangs, an evaluation of the positive and negative impacts of paying ransoms, and recommendations for businesses, regulators, cyber authorities, and governments.

• One in every 10 organizations worldwide was hit by attempted ransomware attacks in 2023. On average, there were 1,158 attacks per organization per week. Ransomware is a major issue for companies of all sizes. This report will help you understand what ransomware is, how it might affect your business, and what you can do about it.