Ransomware attacks on financial firms in USA increased in 2024

    Cybersecurity Platform

    Ransomware attacks are increasingly affecting organizations worldwide, with no country or sector remaining completely shielded. According to a recent study by Trustwave SpiderLabs, businesses in the United States were particularly targeted by ransomware in 2024, with a notable concentration of attacks on the financial sector, including banks and credit unions.

    The frequency of these attacks surged by 64% this year, up from 51% last year. Brazil and Canada followed as the second and third most affected countries, respectively.

    The Trustwave SpiderLabs report identifies two prominent Russian cybercrime groups, LockBit and ALPHV (also known as BlackCat), as the primary perpetrators targeting the IT infrastructure of financial institutions. These groups are at the forefront of ransomware attacks, exploiting vulnerabilities in the financial sector.

    Double extortion tactics have also become more sophisticated. For example, the BlackCat group targeted Change Healthcare with malware, while another group, RansomHub, threatened to release stolen data from the same healthcare firm if a $22 million ransom was not paid promptly. Subsequent investigations revealed that two groups had collectively hacked into the network of a United Health subsidiary. Initially, one group achieved financial gain, but when they refused to share the proceeds, the second group directly approached the victim for their cut.

    Financial institutions are particularly vulnerable to ransomware due to the vast amount of sensitive data they hold, which can be extremely lucrative for cybercriminals. This has led to several banks and credit unions suffering from extended downtimes and ongoing recovery efforts. For instance, PatelCo Credit Union is still grappling with the repercussions of such an attack, struggling to fully mitigate the damage.

    Ad
    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display