Cybersecurity firm Zscaler has revealed that the Dark Angels ransomware group received an unprecedented $75 million ransom payment from a single victim in a shocking development that underscores the escalating ransomware threat.
This staggering sum nearly doubles the $40 million paid by insurance giant CNA Financial in 2021, marking a new milestone in the history of cybercrime.
How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide
The revelation comes from Zscaler’s ThreatLabz 2024 Ransomware Report, which paints a grim picture of the current cybersecurity landscape. According to the report, ransomware attacks have surged by 17.8% year-over-year, with the manufacturing, healthcare, and technology sectors bearing the brunt of these malicious activities.
According to ThreatLabz’s latest report on ransomware trends, the number of companies targeted by ransomware attacks and listed on data leak sites has increased by 57.81% since last year.
Dark Angels, a relatively low-profile ransomware group that emerged in May 2022, has quickly risen to prominence with this record-breaking extortion. The group employs a highly targeted approach, typically focusing on a single large company at a time. This strategy contrasts sharply with most ransomware groups, which often target victims indiscriminately and rely on affiliate networks.
The Dark Angels group’s modus operandi involves stealing vast amounts of data, ranging from 1-10 terabytes for typical targets to 10-100 terabytes for large businesses. This data exfiltration process can take days or even weeks to complete.
While the identity of the $75 million ransom victim remains undisclosed, speculation has arisen about potential targets. One Fortune 50 company that suffered a cyberattack in February 2024 is pharmaceutical giant Cencora, ranked #10 on the list. However, no ransomware gang has claimed responsibility for this attack, potentially indicating that a ransom was paid.
The success of Dark Angels’ strategy will likely influence other ransomware groups, potentially leading to a shift towards more targeted, high-value attacks.
Ransomware keeps changing and getting worse. This shows that all organizations can be attacked. The huge ransom paid to Dark Angels is a strong reminder that we really need better cybersecurity in all sectors and industries.
Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access