From supply chain attacks to generative AI, this article looks at the biggest trends in ransomware this year.
Trends that will continue in 2024
- Supply chain attacks: Attacks on supply chains have more far-reaching consequences than those targeting a single organisation - so expect to see more of these as hackers do their best to maximise damage.
- Triple extortion: Hackers don’t just demand a ransom for the return of encrypted information or exfiltrate the data - they also threaten to leak the data unless their demands are met.
- Ransomware as a service (RaaS): Attackers can simply pay for the code and infrastructure they need to carry out an attack, lowering the bar to entry.
- Unpatched systems: Very few ransomware attacks use novel zero-day vulnerabilities. Most attacks continue to abuse known vulnerabilities on unpatched systems.
- Phishing: The majority of ransomware attacks can be traced back to phishing emails. Generative AI is making it easier for hackers to write convincing bait emails, and organisations are more at risk than ever.
Ransomware predictions
- Attack methods will evolve to exploit cloud and VPN infrastructure.
- Software supply chain attacks will continue to rise.
- Generative AI could be a real problem