As ransomware gangs evolve, multi-layered security is essential
Following another year of widespread attacks across every industry, organizations cannot afford to ignore the threat posed by ransomware gangs. Ransomware gangs are constantly innovating, and traditional defense strategies are being outpaced by new threats such as fileless malware and AI-driven attacks.
If we want to protect our businesses, safeguard the economy and keep the lights on in our hospitals and critical national infrastructure, the cybersecurity industry needs to radically rethink its approach.What can we expect from ransomware gangs in 2025?
Ransomware gangs have a way of coming back in one form or another. Given their track record as the world’s most prolific ransomware gangs, it would be wise to assume that LockBit, REvil, and Conti will all make an unwelcome comeback before long. Despite being taken down by the National Crime Agency (NCA) in February last year, unknown individuals claiming to represent the LockBit gang recently hinted at an impending release of a new locker malware, LockBit 4.0. It’s only a matter of time.
Elsewhere, RansomHub, Play and DragonForce are among several new ransomware groups quickly gaining notoriety within the cybersecurity industry. These new gangs share a common characteristic of attacking critical infrastructure. In the US, last year’s American Water shutdown was a catastrophic example of the growing threat ransomware gangs pose to critical infrastructure. In the UK, the impact has become so severe that the government has been pushed to ban local councils, schools and the NHS from making ransomware payments.
Ransomware gangs – old and new – chiefly rely on double extortion tactics, exploiting supply chain weaknesses and DDoS attacks. Organizations that continue to rely on reactive defenses or behavior-based detection are vulnerable to these tactics. Software defenses by themselves are too easily evaded. To truly combat the multi-faceted approach of ransomware gangs, organizations must integrate multi-layered approaches, combining advanced software solutions with proactive hardware defenses, robust backup strategies and rigorous employee training.
