iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Zscaler’s annual ransomware report also notes a new record-high ransomware payment of US$75 million.
Cyber security firm Zscaler has released its ThreatLabz 2024 Ransomware Report, and it paints a particularly grim picture for Australian organisations increasingly in the sites of ransomware gangs.
The United States remains the most targeted nation during the period between April 2023 and April 2024, with a whopping 49.95 per cent of all detected ransomware incidents targeting entities in the country.
While the top five targeted nations are rounded out by the United Kingdom (5.92 per cent), Germany (4.09 per cent), Canada (3.51 per cent), and France (3.26 per cent), Australia sits in seventh place with 2 per cent of all attacks across the globe over the year.
That’s behind Italy, with 3.24 per cent of attacks, but still ahead of more populous nations such as India, with 1.65 per cent, and Japan, with 1.15 per cent.
In total, Zscaler tracked 73 ransomware attacks against Australian targets for the period of April to April, a 5.8 per cent increase on the previous year.
As to the ransomware gangs themselves, while LockBit was clearly the most active group during the period, with 998 attacks – compared to 410 undertaken by the number two operation, BlackCat – Zscaler has said the number one group to watch going forward is the Dark Angels gang.
The group takes the top spot thanks to what can only be called highly discerning tactics, which has allowed it to successfully demand the highest ransom ever paid by a ransomware victim.
“In early 2024, ThreatLabz uncovered a victim who paid Dark Angels $75 million, higher than any publicly known amount – an achievement that’s bound to attract the interest of other attackers looking to replicate such success by adopting their key tactics,” Zscaler said in its report.
Dark Angels’ tactics tend towards picking a single, high-value target and only attacking one target at a time. It can spend days exfiltrating large volumes of data, up to 100 terabytes in some cases. For instance, it attacked an international building automation conglomerate, stole 27 terabytes of data, and demanded a US$51 million ransom after encrypting its VMware ESXi virtual machines.
“The Dark Angels ransomware group’s strategy of targeting a small number of high-value companies for large payouts is a trend worth monitoring,” Zscaler said.
“Zscaler ThreatLabz predicts that other ransomware groups will take note of Dark Angels’ success and may adopt similar tactics, focusing on high-value targets and increasing the significance of data theft to maximise their financial gains.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
