November 4, 2024
Despite recent accomplishments by law enforcement, such as the takedown of organizations like LockBit and the seizure of Radar, the ransomware landscape is still strong and shows no signs of slowing down. Allan Liska, a ransomware specialist and threat intelligence analyst at cybersecurity firm Recorded Future, predicts that 2024 will be a banner year as hackers continue to reap significant profits from data theft activities. According to Liska, who spoke with TechCrunch in London, the year is still expected to break previous records in terms of the frequency of attacks and ransom payments to victims, although the increase in ransomware occurrences may slow.
For the first time, multiple eight-figure ransoms were paid in 2024, including a remarkable $22 million paid by Change Healthcare following Russian cybercriminal gang ALPHV's theft of millions of Americans' private medical information. Due to disagreements between ALPHV and its subsidiary responsible for the breach, this episode highlighted the internal conflicts between the ransomware groups.
The arrival of younger, more experienced hackers, like those at Lapsus$ and Scattered Spider, who have carried out major hacks, notably on MGM Hotels and perhaps Transport for London, is another worrying trend highlighted by Liska. These young hackers, who often speak good English and are adept at targeting large companies, are part of a growing number of data-theft-only attacks, which have increased by more than 30% this year. Liska says many new threat actors are choosing to forgo encryption-based strategies in favor of collecting large amounts of data, which simplifies their operations while still producing powerful results.
This change has far-reaching consequences. Liska warns of the possibility of more overt methods of theft, such as attacking cryptocurrency exchanges, due to the increase in extortion attacks carried out solely by teenage hackers. Additionally, it expresses concern over growing strategies used by attackers to exploit victims who are unwilling to pay using their personal information, which could turn cyber threats into real ones.
According to Liska, the outcome of the US elections could have a significant impact on how ransomware develops in the future. Looking at possible solutions, Liska admitted that banning ransom payments would be the most effective way to disrupt the ransomware economy, although it is not a perfect solution. Even though numerous police measures have been taken against ransomware operators this year, attacks are still encouraged by the promise of eight-figure payouts.
Safeguard tomorrow with Code Labs Academy’s expert-led Cybersecurity Bootcamp.