In 2024, the world of cybersecurity continues to be dominated by the persistent and evolving threat of ransomware. Once primarily a concern for small businesses and individuals, ransomware has become a sophisticated tool wielded by cybercriminals and is leading to increasingly worse outcomes for organizations. The growing reliance on digital infrastructure, combined with increasingly interconnected global networks, has created fertile ground for these attacks, which have grown in both frequency and severity. “Generally speaking, their tactics are becoming progressively more brutal,” Brett Callow, a threat analyst at Emsisoft, told Wired Magazine.

The Evolution of Ransomware

Modern ransomware often involves a combination of tactics, including data exfiltration, where attackers steal sensitive data before encrypting it. This double-extortion model has become the norm, where attackers threaten to release stolen data publicly or sell it on the dark web if the ransom is not paid.

AI-powered ransomware-as-a-service (RaaS) platforms have lowered the barrier to entry for cybercriminals. RaaS allows even those with minimal technical expertise to launch sophisticated ransomware campaigns. This democratization of cybercrime has led to a significant increase in the number of ransomware incidents globally, and has increased the speed and volume of attacks. “Gangs are also carrying out more attacks faster, with the average number of days taken to execute one falling from around 60 days in 2019 to four,” reports the World Economic Forum, whose research also shows that more organizations are choosing to pay the ransoms. In 2019, only 10% of organizations struck by ransomware paid the ransom. In 2022, it was more than half.

The result? Ransomware is a bad problem getting worse. “If anything, the ransomware threat is even more severe in 2024,” writes Security Week. “And the growth in leaks and leak sites suggests ransomware is even more successful.”

A survey from cybersecurity vendor Rapid7 has found that postings of exfiltrated data to leak sites have nearly doubled year-over-year from the first half of 2023 to the first half of 2024.

One of the most concerning trends in 2024 is the targeting of critical infrastructure and public services. Cybercriminals are increasingly going after hospitals, power grids, and other essential services, knowing that the urgency of these sectors increases the likelihood of ransom payments. These attacks not only threaten the financial stability of organizations but also pose a direct risk to public safety.

The Impact on Organizations

The consequences of a ransomware attack in 2024 are more severe than ever. Organizations face not only the immediate disruption of operations and potential financial losses but also long-term damage to their reputations and customer trust. The costs associated with ransomware attacks have skyrocketed. According to Sophos News, the median ransom payment has increased fivefold from 2023, from $400,000 to $2 million.

Prevention makes a big difference. “If undetected, an intrusion can quickly escalate, and once data is encrypted and/or stolen, the costs snowball – as much as 1,000 times higher than if an incident is not detected and contained early; the difference between a €20,000 loss turning into a €20m one,” reports the World Economic Forum.

And some experts worry that the rise of ransomware could escalate out of cyberspace. “My concern is that this will spill over into real-world violence very soon,” says Callow. “When there are millions to be had, they might do something bad to an executive of a company that was refusing to pay, or a member of their family.”

Three Key Strategies to Protect Against Modern Ransomware Attacks

1: Get Cybersecurity Basics Right.

“The number one attack vector where people are being compromised is through not implementing multi-factor authentication, or doing so in the wrong way,” says Christiaan Beek, senior director of threat analytics at Rapid7, “and we’re still leaving the door wide open by not patching critical vulnerabilities.” He argues that most organizations need to continue focusing on just getting basic cybersecurity hygiene in place and maintained.

This should also include making sure you allocate adequate resources to cybersecurity. According to another 2024 report on ransomware, security budget increases have not kept pace with the cost impacts of cybersecurity lapses: “For example, lost revenue increased from 56% to 62% and reputational damage increased from 43% to 48% during 2022 and 2023. However, security budget increases simultaneously decreased from 76% to 61% in the same period.”

2: Engage in Regular Backups and Disaster Recovery Planning.

Maintaining regular backups of critical data is essential. However, these backups should be stored securely, separate from the main network, to ensure they are not compromised in an attack. Additionally, having a comprehensive disaster recovery plan in place allows organizations to quickly restore operations without needing to pay a ransom.

Sophos has found that the number of organizations that use backups to restore ransomed data has been decreasing (from 73% in 2022 to 68% this year) while the number simply paying the ransom has increased from 46% to 56% in the same period.

3: Get Help from a Credible, Reputable Cybersecurity Partner.

Navigating the complex landscape of cybersecurity threats is a daunting task for most organizations. Partnering with a reputable cybersecurity firm provides access to expert knowledge, advanced tools, and ongoing support. A trusted partner can help organizations stay ahead of emerging threats, conduct regular security assessments, and respond swiftly and effectively in the event of an attack.

In the end, ransomware remains one of the most significant threats facing organizations in 2024. By adopting a proactive and multi-layered approach to cybersecurity, including partnering with experts, organizations can protect themselves against this ever-evolving menace and ensure the resilience of their operations in an increasingly digital world.

About PSL

PSL is a global outsource provider whose mission is to provide solutions that facilitate the movement of business-critical information between and among government agencies, business enterprises, and their partners. For more information, please visit or email info@penielsolutions.com.