How emerging ransomware trends can help in inform payment decisions
- Advertisement -
Related Posts
- Advertisement -
Thanks to the more intensive activity on the part of law enforcement authorities worldwide-resisting in the closure of very profitable and destructive ransomware-as-a-service (RAAS) groups such as Lockbit Hebben we have seen some encouraging signs within the continuous fight against ransomware Threats. The annual totals of the Ransomware payment fell from $ 1.25 billion in 2023 to $ 813.55 million last year.
In the meantime, the global increase from the year to year in the percentage of these attacks, with 5,289 incidents in 2024, is an increase of 15 percent compared to 4,591 in 2023 in 2023. But that percentage increase is considerably lower than the increase of 77 percent in 2023 (2,593 attacks in 2022). The total growth rate of the incident therefore seems to be somewhat draining.
However, it is not time to become complacent. In our own research we have found that ransomware variants grew to 101 in 2024, an increase of 70 in 2023. This increase in the variants remains an ominous indicator of accelerated attacks that mean the coming attacks, which is demonstrated that Rebranding efforts of cyber criminals are demonstrated. They respond to law enforcement activities with traditional variants and more precisely focused campaigns aimed at victims with deep pockets. As a result, they stimulate their efficiency and efficacy.
Director of Intelligence Collections Management at Intel 471.
Ransomware-as-a-service
With the rise of Raas over the years, cyber criminals are now working just like a companyuse of a market -based market in which customers (Usually referred to as affiliated companies) Pay for software made by ransomware operators, for launching attacks.
Raas has naturally reduced the entry threshold because customers no longer have to be experts in coding. They can simply pay for the product to launch their ransomware campaigns, and their subscriptions usually include full-service offers from software support, malware and infrastructure. Such a model created a strong stimulus for more cyber actors, who may be less competent or experienced, to become a member of the ransomware landscape, as long as they agreed to share a reduction in ransom with the RAAS operator of course.
Important trends
If this sounds like an Enterprise approach of high-level crime, well, that’s because it is. We then see the following important trends that reform the essence of the Ransomware experience in 2025 – trends that can help victims to make better decisions when assessing whether they will continue with payment negotiations or not:
(Dis) honor among thieves
Ransomware is striking under cyber attack techniques because there are inevitably person-person exchanges that often touch human emotions and elements of trust. Or distrust.
Victims, already rattled by the reality of the situation, are in dialogue with the ransomware operator and must evaluate whether the operator will be good for the conditions if the ransom is paid. “What do we know about this group?” Victim organizational leaders will ask. ‘Do they seem too aggressive? They are under pressure without the intention of the facts They stole us or never bothered us again? Or do they have a track record of respecting negotiated agreements? “
The armament of data
Raas groups not only steal the data of victims. They arm it as a means to increase the pressure to pay. They will now go through financial data, limits for cyber liability and additional information to determine whether a victim is positioned to pay – and how much.
Artificial Intelligence (AI) Tools She is able to further explore on a larger scale, such as the exploitation of Human Resources (HR) Records to reach employees and/or senior executives and to tell them that their data has been affected. With this, the RAAS operator tries to exert pressure on employees and managers to convince their organization to pay the ransom.
Outsourcing and automation
RAAS operators are fully able to use the same technical and personnel management aids as legitimate companies. Outsourcing enables them to quickly rebrand when they feel the heat around the corner. They can put people and resources in place with a spider -off group and then migrate to the new brand when they have to “disappear” the current to prevent them from being arrested.
Automation will improve efficiency and expand the scale of the targeting and payments of victims. Instead of communicating with targeted organizations person to person, a chatbot Immediately members of the organization will lead to a login page and they will use a transaction number to process the payment and secure the stolen information.
Deal or no deal?
Ultimately, for victims, ransomware comes down to one simple proposition: deal or no deal? This is a highly individualized decision, based on the size of the organization, the industry and the potential consequences of taking a “no payment” position.
But the more companies are aware of the RAAS operator, the better their choices informed. If they know the background of the operator and how skilled they are in deploying AI and extra means to “go deep” in their environment – then they have a stronger feeling of likely paying or not paying. If they are aware that the “new” group that endangered them is actually a spider of an old one, then they can investigate the reputation history of the former brand.
Given that Ai And automation The possibilities of the Raas Underworld only have to expand dramatically as a collective whole, organizations must stay informed of these trends to make the best decision for their teams.
We have the best coding software.
This article is produced as part of the TechRadarpro expert insight channel, where today we have the best and smartest spirits in the technology industry. The views expressed here are those of the author and are not necessarily those of TechRadarpro or Future PLC. If you are interested in contributing to find out more here: https://www.techradar.com/news/submit-your-story-techradar-pro
- Advertisement -
