Black Hat 2024: Ransomware Gangs — and Their Profits — Continue to Grow

An unnamed Fortune 50 company recently paid a record-setting ransom to get its data back — $75 million, nearly double the amount of the previous record, says Brett Stone-Gross, senior director, threat intelligence for Zscaler, in this conversation at the Dark Reading News Desk during Black Hat USA. Stone-Gross shares findings from the company's threat research and reveals that while the overall growth rate of ransomware attacks has slowed, Zscaler saw an 18% year-over-year increase in attacks. Ransom amounts paid are also on the upswing.

The ransomware gang behind the Fortune 50 attack, Dark Angels, operates quite differently than most ransomware groups. In most instances, ransom groups use affiliates and outsource the attack itself, then move in after the breach, deploy the ransomware, and share the profits. In this case, this group is doing everything themselves. Dark Angels doesn't outsource attacks; the gang also works hard to avoid a business disruption to the victim's network, Stone-Gross explains. "The reason for that is they want to stay out of the headlines to make as much money as they can and pressure these companies to make the payments," he says. "They've been quite effective performing these attacks and staying under the radar."

Stone-Gross also points to an increase in voice-based attacks ransomware attacks where gangs social-engineer their way into a network to take data hostage. And AI is poised to make these attacks even more efficient and profitable, he adds. Protective measures like strong passwords, rotating those passwords, multifactor authentication, and network monitoring are extremely important, Stone-Gross says. Deploying zero-trust policies also helps to mitigate the ransomware risk.

Dr. Brett Stone-Gross is the Senior Director of Threat Intelligence at Zscaler. He holds a Ph.D. in computer science from the University of California, Santa Barbara and has over 20 years of experience in malware analysis and reverse engineering. Brett has authored more than a dozen publications and presented his work at top cybersecurity conferences. He specializes in advanced technical research focused on sophisticated cyber threats.