Cybercriminals are increasingly targeting larger organisations to maximise their profits through ransomware attacks, according to a recent report by Moody’s. The financial services giant warns that hackers are exploiting vulnerabilities in supply chains to infiltrate high-value companies, demanding exorbitant ransoms. This shift in strategy could significantly impact the creditworthiness of many rated firms, as the financial and reputational risks associated with these attacks continue to grow.
Rise in ransomware attacks
Globally, ransomware attacks surged by 70% between 2022 and 2023, both in frequency and ransom amounts. The highest known ransom payout in 2024 reached an unprecedented $75 million, compared to $38 million the previous year. However, there is a silver lining—fewer victims are acquiescing to ransom demands.
Coveware, a ransomware recovery firm, reported that only 28% of victims agreed to pay hackers in early 2024, a sharp decline from 85% in 2019. This trend reflects a growing resistance among organisations, spurred by increased cybersecurity measures and stricter law enforcement oversight.
Focus on larger organisations
With fewer victims willing to pay, hackers are shifting their focus to larger businesses that can afford higher payouts. Moody’s notes that cybercriminals are adjusting their tactics to increase their profit margins by targeting high-value industries, including finance, technology, healthcare, and logistics.
“While larger businesses often have sophisticated security measures, their risk of significant business disruption in the event of a ransomware attack remains high,” the report emphasised.
Supply chain vulnerabilities
Supply chain attacks have become a favoured method for cybercriminals to breach organisations indirectly. These attacks exploit the trust between companies and their suppliers, allowing hackers to infiltrate target systems via less secure third-party vendors.
“As well-resourced organisations adopt stringent cybersecurity practices, cybercriminals are increasingly targeting vendors with weaker security frameworks,” Moody’s explained. These supply chain attacks are growing rapidly, exposing even well-protected firms to significant risks.
Many businesses rely on intricate networks of suppliers and service providers, creating a sprawling attack surface. Even a single weak link in this chain can provide cybercriminals with the access they need to execute their attacks.
Generative AI and phishing attacks
Phishing, a longstanding method used by hackers, has been supercharged by the advent of generative artificial intelligence (GenAI). With tools like OpenAI’s ChatGPT, cybercriminals can craft highly personalised and convincing phishing emails that mimic legitimate communications from trusted entities.
A study by the Institute of Electrical and Electronics Engineers (IEEE) in March 2024 revealed that 60% of participants fell victim to GenAI-powered phishing attacks. The automation of these attacks has drastically reduced operational costs for hackers, making them more accessible and increasing their frequency.
Cybersecurity firm Zscaler reported a 58% rise in phishing attacks in 2023, directly correlating with the public release of advanced GenAI tools.
Key defence strategies
As cyber threats escalate, organisations must adopt robust defence mechanisms to safeguard their operations. Moody’s highlights several strategies to combat the growing threat of cyberattacks:
More Read
- Enhanced vendor risk management: Companies should enforce strict security standards for third-party vendors and conduct regular security audits to ensure compliance.
- Zero trust security model: Adopting a zero-trust approach, where no user or system is trusted by default, can limit unauthorised access even if a breach occurs through a third-party supplier.
- Continuous monitoring and detection: Regular monitoring of networks and systems, including those of suppliers, can help detect suspicious activity early, preventing minor breaches from escalating.
Outlook and recommendations
Moody’s warns that as hackers refine their methods and exploit new technologies, the threat landscape will continue to evolve. Larger organisations, despite their advanced security measures, remain prime targets due to their ability to pay higher ransoms and their reliance on complex supply chains.
To mitigate risks, businesses must not only invest in cutting-edge cybersecurity but also foster a culture of vigilance and preparedness. Collaboration with industry peers, government agencies, and cybersecurity experts will be essential to staying ahead of increasingly sophisticated cybercriminals.
In an era where data breaches and ransomware attacks can cripple operations, proactive defence is no longer optional—it is an imperative for survival in the digital age.
