In 2024, we expect the ransomware threat will continue taking an opportunistic turn—a trend that we first highlighted in 2022, gained momentum throughout 2023 (marked by multiple advisories, culminating in the ongoing CitrixBleed exploitation), and is projected to reach maturity this year.
Acceleration of Opportunistic Ransomware with Zero-Day Exploits
In 2024, ransomware threat actors will continue adopting a more opportunistic mindset.
Streamlining Victim Assessment and Triage
Opportunistic attacks, executed by initial access brokers or ransomware affiliates, swiftly gain access to hundreds or thousands of networks.
Modernization of Ransomware Code
Ransomware developers are increasingly adopting Rust as their primary programming language. Rust allows developers to write more secure code, while making it harder for security researchers to reverse engineer and analyze.
Continuous Shift Towards Data Theft Over Ransomware Encryption
Data encryption will continue to be part of the arsenal for sophisticated ransomware groups, but it will take on a supplementary role.
Elevation of Ransomware Groups to Higher Sophistication
The shift from security generalists to increased specialization is fueled by the profit-sharing model of criminal groups, a more accurate term for the Ransomware-as-a-Service (RaaS) business model.
Disruption of State-Sponsored Techniques by Ransomware Groups
The increasing sophistication of ransomware groups in 2024 will lead to the widespread adoption of tools and techniques traditionally associated with state-sponsored threat actors.
In summary, 2024 is anticipated to be another year of ransomware. However, it’s critical to recognize that the ransomware business model has evolved significantly…read the full art. on ”bitdefender.com”