2024 has featured several global actions that have successfully crippled ransomware groups like LockBit.
This has meant fewer attacks against banks, the technology sector and public institutions compared to 2023.
Even so, a single ransomware attack cost the car industry more than 600 million. dollars in the first half of the year. At the same time, 2024 has so far shown that AI is being used increasingly aggressively by cybercriminals. The figures come from a new half-yearly report from the cyber security company Trend Micro, which has taken the temperature of cyber security in the first half of 2024.
The first part of 2024 featured the spectacular Operation Cronos against LockBit. The operation was launched as an international action focused on crippling the infrastructure behind LockBit, which until then was one of the world’s most active ransomware groups. The action, which was created as a collaboration between the authorities and, among other things, Trend Micro, resulted in the shutdown of a number of servers and the exposure of LockBit’s network. The operation significantly destabilized the group and reduced its ability to carry out new attacks.
Andreas Christensen, regional director for Trend Micro i Norden
Significant attack on the car industry
Despite Operation Cronos, the first half of 2024 showed that ransomware attacks can still hit an entire industry and lead to millions of losses. A striking example was the attack against CDK Global, which supplies software to car dealers and the automotive industry. The attack meant that CDK Global ended up paying a ransom of 25 million. dollars in bitcoin to restore its systems. The attack caused a two-week shutdown of CDK Global’s software platform, affecting up to 15,000 car dealerships in the US, including major chains such as AutoNation and Group 1. The shutdown cost car dealers more than $600 million in lost revenue.
Banks, the technology sector and public organizations are still hardest hit by ransomware
In the first half of 2024, the banking sector was hit by 3,566 ransomware attacks, the technology sector suffered 3,544 attacks, while public organizations experienced 2,257 attacks. Despite a decrease in the number of attacks compared to 2023, when the banking sector was hit by 9,034 attacks, the technology sector by 5,073 attacks and public organizations by 5,073 attacks, the three sectors remain particularly vulnerable targets.
“The international actions against ransomware have had a noticeable effect on cybercriminal networks like LockBit. By crippling their infrastructure and making it difficult for them to continue, we have seen a decrease in the number of attacks against banks and technology companies in particular. Yet they are still among the hardest hit. Their critical infrastructure and the large amounts of sensitive data make them attractive targets for cybercriminals,” says Andreas Christensen, regional director of Trend Micro i Norden.
Artificial intelligence and deepfakes are gaining ground
The report also reveals that AI is increasingly being used for increasingly sophisticated attacks. One example is AI-based fraud, where cybercriminals use deepfakes in business email compromise attacks and to avoid verification in the banking sector’s KYC (Know Your Customer, an identification process to confirm customers’ identity) processes. Criminals also try to bypass the security controls found in generative AI models such as ChatGPT to create malicious scripts. This means that criminals no longer need to develop their own models, but can instead abuse existing technologies.
“We generally see an increase in AI-based attacks. It is therefore crucial that Danish companies upgrade their cyber security to be able to withstand this type of threat. Companies should integrate AI-based detection tools, update security policies and train employees to recognize deepfakes and phishing attacks. Furthermore, it is important to ensure that all systems are correctly configured and protected against abuse using generative AI models,” explains Andreas Christensen.
Source: it-kanalen.dk
