Bad actors are using more aggressive and unscrupulous tactics to acquire personal data and extort ransoms from businesses, according to NTT Security Holdings’ recently released 2024 Global Threat Intelligence Report. Specifically, reported ransomware and extortion incidents surged by 67% in 2023, and are likely to continue growing in the coming year, the report found.
“Our 2023 report highlighted the increase in cyberthreats affecting day to day life, economic conditions and privacy,” said Jeremy Nichols, NTT Security Holdings’ Global Threat Intelligence Center Director. “We expect this to soar in 2024 as threat actors create more sophisticated attacks using artificial intelligence to exploit growing attack surfaces and take advantage of limited cyber budgets and staff shortages.”
While the report did not mention the retail sector specifically, it noted that businesses of all sorts need to be aware of this growing menace and take steps to counteract it.
Critical infrastructure, supply chain and financial services face the most risk from such attacks. The top sectors threat actors are attacking require near perfect uptime because service disruptions can affect lives, making them more likely to pay a ransom to restore access to their vital systems and data. Manufacturing topped the list of attack sectors in 2023 at 25.66% and had the most ransomware victims posted on social channels with 27.75%.
Ransomware operators are also targeting sectors previously considered off limits, including healthcare, non-profits and energy companies, the report notes. “They have threatened to release sensitive medical photos or patient records if ransoms are not paid,” it notes.
Small- and medium-sized enterprises face the largest challenge combating cyberthreats. More than 50% of ransomware victims had less than 200 employees while 66% had less than 500 employees, according to the research.
“Organizations are struggling to defend against routine exploitation, malware, and ransom or extortion threats,” added Nichols. “The predictions and recommendations in our report offer business and technical leaders a roadmap to make quicker and informed decisions to improve their security posture as these threats exponentially escalate.”
Click here for more from the report.