Written by: Bob Maley

Ransomware is a significant concern for many businesses, and understandably so. Black Kite’s State of Ransomware Report 2024 found that ransomware attacks increased from 2,700+ to almost 4,900 businesses within twelve months. When faced with these numbers, most companies believe that they can’t predict when and where these ransomware groups will choose to attack. As a result, they end up following a “prepare for the worst” mindset, heavily investing in measures to recover from a ransomware attack because they assume that they could fall victim at any given moment.

But are these attacks as random as they seem? Is there a way to accurately predict which companies are at high risk of ransomware, or will the motivations and actions of these cybercrime groups forever remain a mystery? On our latest episode of RiskBusters™️, we examine the facts to find out.


Fact: Preparing for Ransomware Recovery Is Important 

Most businesses understand the importance of preparing for ransomware by buying cyber insurance and creating immutable backups. While setting up these recovery measures is essential, most businesses stop there. They expect to be ransomware victims at some point and take action accordingly. It’s a “wait and see” approach since these businesses assume they can’t do anything else to prepare. But is this entirely true?

Fact: Ransomware Groups Have Complex Motivations 

If we could get into the heads of these ransomware groups and understand why they target specific businesses, that could help us make a more educated guess as to which organizations will become their next victims.

But this is easier said than done. Cybercriminals operate within a complex ecosystem and view businesses from a different perspective than us on the inside. So, to get past the “wait and see” approach, we would need to dig deeper into these attackers’ motivations, communities, and past patterns. In other words, we’d need to start thinking like hackers — something many businesses don’t have the resources or expertise to do. 

Fact: The Future Will Always Be Uncertain 

Even if we can uncover some of the complex motivations and patterns behind ransomware groups’ actions, no one can predict the future with 100% accuracy. So, the best that businesses can do is calculate probabilities. Essentially, they need to understand the likelihood of an attacker targeting them or one of their third-party resources. These calculations seem like a lot of guesswork, which is why many businesses default to the “wait and see” approach instead. 

A More Strategic Way to Prepare for Ransomware Attacks

Assuming that your business will inevitably fall victim to a ransomware attack at some point is a stressful way to live. However, many organizations believe that they have no other choice. They think that the best they can do is buy a robust cyber insurance plan and then wait and see what happens next. 

Because this is a significant concern for so many businesses, our RiskBusters™️ decided to test this claim. We ask if this prepare-for-the-worst mentality is truly the only way to prepare for ransomware and discuss whether or not there are ways to accurately gauge the likelihood of a ransomware attack on you or one of your third-party resources. Watch the video to learn more: 


Spoiler alert: There is a way to see where ransomware might strike next.

It’s called the Black Kite Ransomware Susceptibility Index® (RSI™). As demonstrated in the RiskBusters™️ episode, we’ve analyzed the tools, tactics, and procedures of bad actors and developed an algorithm based on these insights to determine the likelihood of any particular vendor being targeted by ransomware.

Black Kite’s RSI shows you the likelihood of any particular vendor being targeted by ransomware.

Want to get a glimpse into how ransomware groups think about your business? Black Kite brings together intel from OSINT sources such as internet-wide scanners, hacker forums, and the dark web to better understand the motivations behind ransomware attacks. See your Ransomware Susceptibility Index score for free.

To learn more about common TPRM assumptions and see if they’re fact or fiction, subscribe to our YouTube channel so you can catch all of our RiskBusters™️ episodes!
