Ransomware demands are skyrocketing in 2024, with the average extortion demand per ransomware attack exceeding $5.2 million per incident in the first half of the year.
Following an attack on India's Regional Cancer Centre (RCC) on April 20, a review of 56 ransom demands from January to June of this year revealed that the highest demand was $100 million.
The second and third highest extortion demands were issued to Synnovis, a UK pathology supplier, and London Drugs, a Canadian retailer, at $50 million and $25 million, respectively.
Even though there were 421 ransomware attacks in the first half of 2024 as opposed to 704 attacks in the same time of 2023, the numbers for 2024 are probably going to rise as long as there are more SEC-mandated breach disclosures.
In terms of how much data has been stolen in these attacks, private companies have had 29.7 million records compromised thus far, whilst governments have had 52,390, and the healthcare industry has had a startling 5.4 million exposed records.
Prevention tips
Maintain backups: The researchers recommend that backing up critical information is the single most effective strategy to recover from a ransomware outbreak. There are a few things to consider, however. Backup files should be securely safeguarded and stored offline or out-of-band to prevent attackers from targeting them.
Using cloud services may help alleviate a ransomware outbreak as many retain previous versions of files, allowing you to restore to an unencrypted version.Regularly test backups for efficacy. In the case of an attack, be sure your backups aren't infected before rolling back.
Develop strategies and policies: Create an incident response strategy so that your IT security personnel knows what to do in the case of a ransomware attack. The plan should include the roles and communications to be shared during an assault.
You should also include a list of contacts, such as any partners or vendors that need to be informed. Do you have a "suspicious email" policy? If not, try implementing a company-wide policy. This will help instruct employees on what to do if they receive an email that they don't understand. It may be as simple as forwarding the email to the IT security staff.
Keep systems up-to-date: Make sure that all of your organization's operating systems, apps, and software are constantly updated. Applying the most recent updates will help close the security gaps that attackers are attempting to exploit. Wherever possible, enable auto-updates so that you always have the most recent security fixes.
