Skip to main content

Ransomware in 2024: who are the biggest names?

Franck Do WZMPZ M9s unsplash

The British Library experienced a ransomware attack from the group Rhysida in October. 500,000 files were then leaked, reportedly including personal information of customers and readers. Not only is did this constitute a significant data-breach - rebuilding their systems will reportedly incur costs of between £6-7m.

Weaknesses that ransomware groups seek to exploit

Small and medium businesses are often too resource poor to make items like cybersecurity a priority on their strategic agenda, and taking the British Museum as an example, the consequences can be devastating. They are limited often by funds, senior leadership with appropriate expertise, insight into past experience with cyber- attacks, and latest techniques to enhance their cyber defences.

Companies are often focussed on their product and service offering and building their brand to the detriment of security. Cyber criminals are aware of this drawback and exploit it through ransomware attacks.

Recent ransomware trends

The increase of AI has unfortunately contributed to the growth in ransomware, which reports suggest have doubled in number.

In 2023, the most prolific ransomware groups were Lockbit, BlackCat and C10p are infamous as per recent reports, while previously notorious Conti and Revil disintegrated. The new ones to look out for this year include MalasLocker, 8BASE, Akira.

The rise in Ransomware attacks on the one hand can be attributed to the rise of RaaS (Ransomware as a Service). Here, ransomware operators sell or rent the software to cyber criminals, who then each target their own victims. Yet to counter this, there is an increased awareness about cyber-vulnerabilities, allowing some businesses to detect these and other potential compromises sooner.

There is a corresponding increase in endpoint protection software to protect companies from attacks, but this increase is unlikely to be equal to the increase in availability and access to ransomware software available to criminals.

How to make your company cybersecure

Firstly, all companies should seek help and advice from Government/authorities (e.g., in the UK, this would be the National Cyber Security Centre). These organisations are designed to support organisations in specific areas to prevent and protect against cyber incidents.

Secondly, companies should look to employ a virtual CISO who may not be in-house, but has been hired to help cyber-secure the organisation and its cyber-assets.

Ultimately, prevention is better than finding a cure, and the best way to avoid cyber criminals is to make your company a hard target in the first place. Staff should be trained (including senior executives and board members) with cyber-awareness exercises to protect against phishing attempts, which are amongst the most popular and common vulnerabilities targeted by criminals. Critical data should be patched and backed up regularly.

But these things cannot be done unless companies get into the habit of making cybersecurity a standard board/C-suite agenda item. Though in the event of an attack, the deadline and the final amount that needs to be paid may be up for negotiation, the cost to the business will still be high. Bringing cyber conversations in the spotlight ought to be considered a necessity and not a luxury, which then enables necessary resources to be allocated to prevention.

Published 10 January 2024
Topics:
Leading insights AI and automation

You might also like

Autumn Budget 2024: Henley academics have their say

1 November 2024
Henley's academics provide their opinions on the autumn budget 2024.
Leading insights

Leading differently: what are DAOs and how do they work?

16 May 2024
New research from Henley Business School explores how the tech underpinning cryptocurrencies have helped some businesses radically reorganise the way they are governed.
Leading insights AI and automation

Meta-skilling is the solution to the robot revolution

23 October 2020
Dr Naeema Pasha looks at the challenges a "robot revolution" could pose for organisations after a World Economic Forum report forecast that by 2025, half of all work tasks will be handled by machines.
Leading insights AI and automation