Ransomware is one of the most common and damaging cybersecurity threats. It’s a borderless risk that impacts essentially every industry in the world. It’s also evolving every day. Here’s what we expect to see in the cyber-sphere in 2024:
The cybersecurity community is anticipating more opportunistic ‘zero-day’ attacks in 2024. What this means (sans jargon) is that cyber criminals will be searching for vulnerabilities and weaponizing them within 24 hours.
You can read about ten of the biggest zero-day attacks in 2023 on TechTarget’s website (it’s gated, but not paid).
To reduce the risk of zero-day attacks, companies can:
- Regularly update systems and software.
- Delete unnecessary software, especially when it’s outdated.
- Require team members to use a firewall, antivirus software, and a VPN.
- Invest in advanced email security.
You should also check in with your IT team about the appropriateness of using virtual local area networks to isolate network segments. This can limit the reach of zero-day exploits and is generally good cybersecurity hygiene.
Automated Victim Assessment in Ransomware Gangs
As the ransomware ‘industry’ matures, we’re seeing more communication, and even mergers, between ransomware gangs – as well as increasingly streamlined processes. This extends to victim assessment.
In 2024, we expect ransomware groups to leverage automation to create a list of potential victims (based on a specific vulnerability). From there, it’s likely they will manually select the most lucrative ones to target.
Would You Pay a Ransom Demand?
If you don’t already know if you would pay a ransomware demand, it’s time to have that discussion. It’s generally advisable to not pay, since your payment funds the ransomware industry, and there are no guarantees the group will return or destroy your data.
However, taking this stance in practice does require your company to develop a robust and resilient IT framework that includes recovery protocols.
Read more in our 2021 post Ransomware: Would your company pay?
What If They Threatened to Publish the Data?
If you decide your company wouldn’t pay a ransom demand, you should direct your attention to your strategy for handling the increasingly common double-extortion tactic adopted by ransomware groups. Initially, ransomware groups encrypted the data they were holding hostage and demanded a ransom to decrypt it. It’s becoming more common for them to exfiltrate the data then threaten to publish it if the ransom isn’t paid. Your ransomware strategy should reflect this risk.
Given this evolving tactic, companies that collect and store sensitive personal information should be even more vigilant. If you collect sensitive personal information, the harm from publication will be greater, and the cyber criminals may be more likely to target you (given the higher stakes and increased likelihood of receiving a ransom payment).
Mobile Attacks More Common
We’re also expecting to see an increase in mobile ransomware, especially through social network schemes.
Individuals are becoming more alert to phishing schemes at work – plus with the increasing sophistication of email security, we may see a decrease in successful workplace phishing attacks (especially for companies that invest in training).
However, people do tend to be more lax on social media and within their personal emails. Particularly when they believe they’re communicating with someone they know.
Hackers are increasingly ‘doubling’ individual social media posts and sending out bulk messages on social platforms encouraging readers to download a (dangerous) app or to click certain (malicious) links.
If your workforce has access to workplace networks on their personal phones, it’s critical that you implement policies and security protections that reflect the risks posed by their personal use of the device. Training should also be provided.
If you need assistance with your company’s cybersecurity policies, reach out. Our team of privacy attorneys would love to help.
The materials available at this website are for informational purposes only and not for the purpose of providing legal advice. You should contact your attorney to obtain advice with respect to any particular issue or problem. Use of and access to this website or any of the e-mail links contained within the site do not create an attorney-client relationship between CGL and the user or browser. The opinions expressed at or through this site are the opinions of the individual author and may not reflect the opinions of the firm or any individual attorney.