Ransomware attacks are not only going to continue, but hackers are likely to target larger organisations through supply chain vulnerabilities, a recent report by Moody’s said.
The aim of this would be to seek out large payouts and leveraging the vulnerabilities of third-party suppliers to access high-value organisations. This shift in turn is likely to increase the potential credit impact for a higher share of rated companies, Moody’s said.
The report suggests that this may lead to greater and larger adoption of cybersecurity, as well as, more police oversight into such cases.
According to Coveware, a ransomware recovery firm, the share of victims willing to pay ransom to cyber criminals dropped to 28 per cent in the beginning of 2024, compared to 85 per cent in 2019 during the same period.
Moody’s in its report said, “In response to declining revenue per victim, cyberattackers are trying to wring greater profit from their attacks by demanding higher ransoms. We believe they are accomplishing this by shifting tactics and targeting larger businesses that can afford higher payouts.”.
While larger businesses may have more sophisticated securities in place, their business risks in case of ransomware remain high, the report added.
As well-resourced organisations adopt more stringent cyber protection practices, cybercriminals often find the easiest attack path is through vendors that are typically not as well-resourced. Consequently, these supply chain attacks have been growing rapidly, Moody’s said.
Financial institutions, in particular, are under constant threat due to their involvement in managing large amounts of money, investment data, and transactional information.