Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In 2024, ransomware continues to be the most prevalent form of cyber-attack, affecting three out of four organisations, according to Veeam. The increasing frequency and sophistication of these attacks are driven by easy access to ransomware kits on the dark web and the significant profits cybercriminals generate through extortion schemes.

Prompted by a new era of cyber-attacks surging downtime and data breaches, the Digital Operational Resilience Act (DORA) regulation came into force on 17th of January to reshape how organisations approach security, privacy and cybersecurity. Cybercriminals are becoming increasingly daring and creative, with an expected rise in the exploitation of new vulnerabilities in 2025.

Qilin operates as an affiliate program for Ransomware-as-a-Service, employing a Rust-based ransomware to target victims. Qilin ransomware attacks are often tailored for each victim to maximize their impact, utilizing tactics like altering filename extensions of encrypted files and terminating specific processes and services.

Emerging between late 2022 and the beginning of 2023, Cloak Ransomware is a new ransomware group. Despite its activities, the origins and organizational structure of the group remain unknown. According to data from the group’s DLS (data leak site), Cloak has accessed 23 databases of small-medium businesses, selling 21 of them so far. Out of these, 21 victims paid the ransom and had their data deleted, 1 declined and 1 is still in negotiations, indicating a high payment rate of 91-96%.

Recent research indicates that only 25% of organizations have incident response plans. Without such plans, companies are extremely susceptible to potential cyberattacks, and the stark business reality is that they take much longer to recover. Unfortunately, there are daily examples of major data breaches where a particular company’s incident response could have been managed more effectively.