Cybersecurity Insights - February 2024

Welcome to the second cybersecurity insights newsletter of 2024!

In this edition, we cover everything you need to know about ransomware including the latest news, predictions, and how you can assist your organisation in mitigating ransomware attacks.

Get Updates straight to your inbox!

Subscribe to our newsletter to stay informed about the most recent developments at Secora Consulting, as well as receive updates on the latest cybersecurity developments and breaches.

A recent report by Chainalysis revealed that ransomware payments skyrocketed in 2023, reaching €924 million ($1.1 billion), surpassing 2021’s record of €907 million ($983 million).

As we look to the year ahead, predictions indicate that ransomware attacks will continue to persist, evolve and dominate headlines. Trends in ransomware attacks are predicted to include:

• Attackers are adopting an opportunistic mindset by taking advantage of Zero-day vulnerabilities before proof of concept code becomes available.
• Attackers are increasingly using Rust, as their primary coding language, making it increasingly harder for security researchers to reverse engineer and analyse the data.?
• Ransomware groups are increasingly prioritising data theft and exfiltration over encryption.

At this early stage of the year, we’re already witnessing a significant uptick in ransomware attacks targeting a variety of businesses, including:?

• MEDUSA ransomware group has struck again, targeting Amoskeag Network Consulting Group LLC and Kadac Pty Ltd
• Hyundai Motor Europe suffered a Black Basta ransomware attack
• Ransomware attack on healthcare management system has affected 100 hospitals across Romania
• Schneider Electric suffered a disruption to its systems after being hit by a ransomware attack.
• Attacks continue against organisations in the Aviation Finance industry, with Willis Lease Finance Corporation (WLFC) the latest to be hit with a Ransomware attack according to multiple sources.

Amidst the news on attacks, a significant milestone in the fight against ransomware has been shared by Europol. The notorious LockBit ransomware gang has been taken down through a coordinated global law enforcement operation.

The ‘ransomware-as-a-service’ group first emerged at the end of 2019. Since then, it has grown rapidly and in 2022 became the most deployed ransomware variant across the world.

While ransomware attacks are becoming more prevalent, there are still some simple things that can be done to defend your organisation from them. We have listed some of the main ones below:?

• Maintain offline, encrypted backups and regularly test them.
• Create and exercise a cyber incident response plan through facilitated Crisis Management Exercises.
• Implement a zero trust architecture to prevent unauthorised access.
• Patch and update software and systems regularly to close vulnerabilities.
• Limit exposure of services like Remote Desktop Protocol to the web.
• Implement phishing-resistant multi factor authentication for all services.
• Use antivirus and anti-malware solutions, keeping them up-to-date.

A Crisis Management Exercise is a method of evaluating and improving an organisation’s incident response / crisis management capabilities by simulating a crisis scenario. Conducting this type of exercise can provide several benefits, including:

• Improving the organisation’s overall crisis management capabilities by providing hands-on training and experience
• Identifying vulnerabilities in the organisation’s incident response / crisis management plan and procedures
• Improving communication and coordination within the organisation during a crisis
• Building confidence and trust in the organisation’s ability to handle a significant incident

As malicious actors continue to innovate and adapt, identifying cybersecurity vulnerabilities can become an increasingly difficult task without guidance and expertise.

Our suite of cybersecurity services offer reliable protection against potential risks. From penetration testing to compliance readiness, we arm your organisation with the necessary defences to identify vulnerabilities, fortify against attacks, and maintain a posture of readiness against the unexpected.

Let our team of experts provide the specialised services that drive your success. Reach out today to build a partnership that grows with your business.