Virtualization Technology News and Information
Article
RSS
Index Engines 2024 Predictions: 5 Ransomware Predictions for 2024

vmblog-predictions-2024 

Industry executives and experts share their predictions for 2024.  Read them in this 16th annual VMblog.com series exclusive.

5 Ransomware Predictions for 2024

By Jim McGann VP, Marketing and Business Development, Index Engines

First, let's recap 2023. It took a 10-minute phone call to cause over $100 million in ransomware damage to a $40 billion company that had thousands of security measures in place. The MGM Grand cyberattack personified how effortless and damaging cyberattacks have become. 

It created a huge financial loss, weeks of hotel guests locked out of rooms, elevators that would not come back online, and countless headlines. 

Ransomware has become so commonplace that it takes attacks like this to make headlines. So, what does this mean for next year? 

Based on conversations with hundreds of organizations around the world and studying millions of anonymized cyber security analytics through Index Engines' CyberSense data integrity software, here are 5 unsettling predictions on the path of ransomware in 2024.

  • It's not going anywhere. Let's get the low-hanging fruit out of the way. Don't expect anything to change in the coming year. Ransomware is profitable - a trillion dollar business - and without international cooperation (and backing), it's not going to slow down. Attack attempts are going to increase. In 2023, there was a short-lived decline in Q1 before they surged by 74% in Q2. With the recent success of both MGM Grand and Clorox's attack (which cost over $25M and made everything from cat litter to cleaning supplies scarce), the momentum is with them and the challenge is on for who can cause an even bigger disruption. 
  • It's going to keep getting smarter. Attacks are going to keep increasing because the cyber criminals keep advancing their ransomware and making attacks more sophisticated and harder to detect. Three "un-detection" methods we expect to be standard: 1. Slower change rates to avoid triggering thresholds, 2. Intermittent encryption that keeps entropy changes in line with normal use, and 3. Signatures will change with every attack and become moot outside of recovery situations.
  • No plan, no insurance. Cyber insurance costs are skyrocketing and limiting the types of attacks they'll cover. The rates surged by 50% in 2022 after a 73% increase in 2021, making cyber insurance a $7.2B industry, but the ransom payouts strained the industry and increased scrutiny over security practices. To qualify for cyber insurance and affordable rates, organizations need a cyber resilience plan. Underwriters need to see organizations are implementing best practices and the latest tools to prevent an attack and be able to recover when one is successful. Add analytics, immutability and machine learning to your security pitch. 
  • Cyber and Storage will converge. Organizations need confidence their data is good and not slowly being infiltrated. This will be the driver for cyber resilience functionality including analytics and machine learning being adapted into storage and backup solutions to proactively look for corruption.  This is going to provide detection in as little as a single snapshot or backup cycle and empower a proactive recovery. Using AI like machine learning looks at how and why things change. Thresholds can be fooled. Signatures can be changed. But leveraging machine learning and analytics to look for how ransomware changes data provides invaluable intelligence on whether the data is clean, or the storage platform has been infected with ransomware. This also empowers a timely recovery by being able to restore pre-infiltration data. 
  • Recover or die. Can your organization survive if it's down for weeks? Months? Maybe. Can it thrive? Never. Prolonged downtime shuts down businesseseven shuttered one hospital after it couldn't submit claims for months after an attack took down its systems. St Margaret's may be the first to admit its closure is due to a cyberattack, but it won't be the last. Stopping the attack should always be the first goal. Then, you need a plan in place that can detect and recover from an attack. Consider: if you detected an attack today, could you confidently restore yesterday's data and be sure there's no ransomware left in the environment? Last week's? Would you need a clean room? If you can't confidently answer this question, your organization may not see 2025. 

##

ABOUT THE AUTHOR

Jim McGann VP, Marketing and Business Development

Jim McGann 

Jim is a globally-experienced marketing and business development executive instrumental in developing key relationships and brand development at Index Engines.  Jim is experienced with both large established software firms and emerging startups and is a frequent writer and speaker in the areas of ransomware recovery, cyber resilience and unstructured data management. 
Published Monday, November 06, 2023 7:30 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<November 2023>
SuMoTuWeThFrSa
2930311234
567891011
12131415161718
19202122232425
262728293012
3456789