Serving tech enthusiasts for over 25 years.
TechSpot means tech analysis and advice you can trust.
Why it matters: There have been several incidents of authorities shutting down major ransomware operations this year, including the seizing and disruption of LockBit. As such, you'd be forgiven for thinking that ransomware is declining, but it's not. According to an expert, 2024 is set to be another record-breaking year for this type of malware, with victims handing over more money than ever before.
Allan Liska, a threat intelligence analyst at cybersecurity firm Recorded Future, spoke to TechCrunch about the depressing state of ransomware in 2024.
"The curve is going to flatten a little bit, which I guess is good news. But a record-breaking year is still a record-breaking year," Liska told the publication. "We've also this year, for the first time that I'm aware of, had four eight-figure ransoms paid."
In February, UnitedHealth-owned health tech company Change Healthcare suffered a security incident that was later confirmed to be the work of an affiliate of Russian ransomware gang ALPHV, aka BlackCat, which stole the medical data of at least 100 million Americans. UnitedHealth paid the gang $22 million, one of the eight-figure ransoms Liska mentioned.
Ransomware attacks are usually associated with gangs encrypting a target's systems, preventing access until money for a decryption key is paid. However, Liska says there's been a rise in data-theft-only attacks this year, up 30% in 2024.
"A lot of the newer threat actors just don't want to deal with encryption, decryption, or anything like that," he said.
In February, law enforcement agencies from 12 countries came together in a joint operation that saw the LockBit ransomware website taken down (below), the seizure of servers critical for the group's infrastructure, and the arrest of several gang members, including one while he was vacationing outside of Russia. Ransomware gang Radar (aka Dispossessor) also had its servers seized by the FBI.
Despite these victories, Secureworks revealed this week that there has been a 30% year-over-year rise in active ransomware groups this year, with 31 new groups appearing.
Law enforcement agencies usually advise victims not to pay ransomware gangs as there's no guarantee they will hand over/decrypt the data, but it still happens. White House cyber boss Anne Neuberger suggested a way to stop this was to ban insurance company policies that cover reimbursement of ransomware payments.
Liska previously stated that banning payments wasn't the answer, but with eight-figure ransom payments incentivizing more attacks, he now believes it may be necessary. "My answer is: ban ransom payments, which is a terrible solution, but it may be the least-bad solution that we have," he said.
Masthead: Sebastiaan Stam
:quality(85):upscale()/2024/11/05/936/n/1922153/cc2bbd68672a8e1588a964.53876938_.webp)
:quality(85):upscale()/2024/08/06/667/n/1922794/4bc1ce8866b23aaf319c84.46755244_.png)
English (US) · 