Intelligent CISO Issue 82 | Page 37

What are the latest trends in ransomware attacks and how have they evolved recently?
Nearly 90% of organisations were targeted by ransomware attackers in 2024, with an uptick in targeted attacks against key sectors such as healthcare, education and manufacturing. This surge can be attributed to the growing dependence on digital systems within these industries, combined with the comparatively lower commitment to security measures and tools.
Digital extortion has emerged as the prevailing ransomware attack model. This approach begins like a standard ransomware attack, with the victim pressured to pay up to regain access to encrypted files. Unknown to the victim, the attackers have already absconded with a substantial amount of data. Failure to meet their demands results either in threats to publicise the attack or peddle the stolen data.
Shobhit Gautam, Staff Solutions Architect EMEA, HackerOne
Shobhit Gautam, Staff Solutions Architect for EMEA at HackerOne, explores emerging ransomware attack trends and offers insights into strengthening organisational defences. He evaluates the effectiveness of current response strategies and highlights key priorities for organisations in the aftermath of an attack.
Another growing concern is RaaS (Ransomware-as-a-Service). The accessibility of ransomware tools and expertise broadens the pool of potential attackers. Hackers no longer require extensive programming knowledge to launch a ransomware attack. RaaS operates under a franchise system where a central syndicate develops ransomware tools and rents them out to affiliates who carry out the attacks, available for as low as US$40. This model has lowered the entry barrier for cybercriminals and expanded the scale of attacks.
How can organisations better defend themselves, especially with critical infrastructure under threat?
To build a strong cyberdefence, it is essential to remain constantly proactive. One way to ensure this is through bug bounty programs. When employed as part of a defence-in-depth approach, this model can help organisations adapt their security strategy to meet the latest threats.
For example, public bug bounty programs help offset the risk of ransomware attacks by counteracting the ransomware incentive model with a vulnerability rewards incentive model. These programs will incentivise security analysts to highlight gaps in defences that can be exploited by ransomware gangs.