Ransomware report reveals changing ransomware trends for both attackers and defenders
Ransomware is a moving target. The past year has seen a rise in ransomware activity as gangs band together and leverage AI to scale their activities.
To meet the evolving challenge, organizations are shifting priorities and adopting new anti-ransomware strategies. Our most recent ransomware research found numerous ways organizations have changed in the past year.
Read on for the latest ransomware trends.
1. Defending against data exfiltration
This year, IT and security pros surveyed believe attackers are more motivated by data exfiltration than a straightforward money grab. They say cybercriminals are stealthily extracting sensitive data without necessarily delivering encryption payloads that shut down systems.
This is a much more insidious approach that makes ransomware harder to combat. Data exfiltration tactics can stay under your team’s radar for a long time. By the time you discover what attackers are doing, your data may already be gone.
2. Increasing anti-ransomware budgets
Almost all survey respondents (91%) have a dedicated budget to protect against ransomware, a much higher percentage than 2022. However, the study found that budgets often increase only AFTER an organization is hit with ransomware.
3. Prioritizing cloud and applications
This year, respondents say they are most concerned about ransomware attacks on cloud infrastructure and applications. As organizations become more reliant on the cloud for everything from software development to delivery of core services, it’s no surprise that they are more concerned with cloud security.
4. More victims are agreeing to pay
Faced with the potentially crippling consequences of ransomware, the study found that more than three-quarters of companies are opting to meet ransom demands as a pragmatic response to mitigate the impact. Last year, 68% said they were willing to pay.
5. Privileged Access Management (PAM) investments are gaining traction
The study found that IT and security leaders have escalating concerns about privileged access as a vulnerable target for ransomware.
As part of the ransomware ecosystem, access brokers sell compromised credentials that provide entry to IT environments so their affiliates can conduct criminal activities, including data encryption, data exfiltration, and malware that slows or shuts down IT systems.
To address the rising anxiety, spending on Privileged Access Management solutions also increased this past year. Investment has nearly doubled compared to last year's survey, rising from around 15% to just under 30% of the ransomware prevention budget.
Get more ransomware trends
Grab your copy of State of Ransomware 2024: Anticipating the Battle and Strengthening Your Defenses to get more insights from folks in the trenches, along with context and analysis of what ransomware trends mean for your business. The findings will help you align with your leadership on the risk of ransomware and improve your ability to withstand an attack.