Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.
| 9 Jul 2024 | |
| General |
It seemed that the tide had turned in the ransomware landscape in 2022. Reports showed a declining numbers of attacks and more victims refusing to pay. But in 2023, ransomware activity surged. Ransomware gangs successful extorted a record $1.1 billion in cryptocurrency payments from victims, according to a report from blockchain analysis firm Chainanalysis.
What factors drove the upswing in ransomware activity? And following a year of record payments, what can enterprise security leaders expect in the ransomware landscape of 2024?
The Top Threat Actors
Ransomware remains a lucrative business for cybercriminals, and the barrier to entry is relatively low. Threat actors can seek easily exploitable vulnerabilities or opt to pay for ransomware-as-a-service. While the volume of attacks is significant, several notorious groups take the lead as repeat offenders.
“LockBit we see … almost 25% of all ransomware attacks are from that group,” Jonathan Braley, director of threat intelligence at the Information Technology-Information Sharing and Analysis Center (IT-ISAC), tells InformationWeek. “So, every week we’re seeing 10 to a dozen attacks coming just from LockBit.”
Taiwan Semiconductor Manufacturing Company (TSMC) and IT products and services company CDW were among LockBit’s victims in 2023. The group demanded $70 million from TSMC and $80 million from CDW. In 2024, the group claimed responsibility for attacks on Saint Anthony Hospital and Lurie Children’s Hospital in Chicago.
