The Global Cost of Ransomware

14 February 2024

After a slow year in 2022 due to interruptions caused largely by the conflict in Ukraine, international ransomware groups hit back in 2023 netting more than $1 US billion from their nefarious global activities.

Sophisticated hackers expanded their list of targets to include hospitals and other healthcare providers, schools, and a growing list of major corporations. Research firm Chainalysis identified a noticeable increase in the payment of ransoms of more than $1 million, indicating a shift from medium-sized organisations to the top end of town.

A complex ransomware attack that compromises business data is terrifying for all organisations that fall victim to such an incident. This terror is higher when data is time-sensitive, like patient or student records. Ransomware attacks normally involve hackers gaining access to a targeted computer system and infecting it with a type of malware that encrypts files and renders them inaccessible.

More sophisticated attacks include assailants extracting data from a network, such as customer details that can be sold on the dark web. Payment is then normally demanded in the form of cryptocurrency, in exchange for unlocking the files or the deletion of stolen data.

A growing trend, known as “ransomware as a service”, involves the hiring of malware to criminal groups in exchange for a percentage of the illicit proceeds. Another driver of ransomware activity has been the emergence of “initial access brokers” who uncover and then sell vulnerabilities to secondary groups who follow through with a targeted malware attack.

According to Allan Liska of cyber security specialist firm Recorded Future, “A major thing we’re seeing is the astronomical growth in the number of threat actors carrying out ransomware attacks,” Recorded Future tracked 538 new ransomware variants in 2023, indicating the emergence of new, independent groups.

Like most cyber security threats, the threat of ransomware is best managed by rigorous preventative measures including risk analysis, staff training, and mechanised data backup systems. Post attack preparedness strategies include incident response planning and regulatory compliance readiness.

Intalock specialises in helping Australian organisations across all industry sectors to prevent and prepare for ransomware attacks.

For more information, click this link.

back to blog

We protect australia's leading brands and businesses against cyber threats.

Cyber security is in our DNA