Ransomware continues to be a looming threat to companies, as evidenced by a recent survey conducted by security provider Cohesity, which found that 83% of respondents had experienced a ransomware attack in the first half of 2024. The outlook for 2025 does not appear to offer any respite from this cyber menace.
A concerning trend highlighted by security provider G Data suggests that newer hacker groups are now taking a more destructive approach with ransomware attacks. Instead of simply encrypting data and holding it for ransom, these emerging cybercriminals are opting to delete the data altogether. According to Tim Berghoff, a security evangelist at G Data CyberDefense, this new generation of hackers possesses less technical expertise compared to established criminal groups.
These hackers are utilizing malware-as-a-service to intentionally disrupt businesses, with an emphasis on causing chaos rather than seeking financial gain. Berghoff cautions that the consequences for affected companies can be severe, particularly for those without adequate backups in place, as they face the risk of total economic devastation.
The pressing question now is how companies will navigate this evolving landscape of ransomware attacks. Despite recommendations from federal authorities urging against paying ransoms, many organizations have opted to do so. The Cohesity survey revealed that 69% of organizations had paid ransoms in 2024, even though 77% claimed to have a “do not pay” policy prior to falling victim to an attack.
As the threat of ransomware continues to evolve and become more damaging, it is crucial for businesses to reassess their cybersecurity measures and ensure they are adequately protected against such attacks. The increasing willingness of hackers to delete data rather than solely encrypt it underscores the importance of implementing robust backup and recovery solutions. Companies must also remain vigilant and proactive in their approach to cybersecurity, staying informed about emerging threats and adopting best practices to safeguard their data and operations. Failure to address this evolving threat landscape could have dire consequences for businesses of all sizes.