Helping to Protect Against Ransomware with Verizon

Rising ransomware risks in 2024

Ransomware today may seem to function like a multi-layered nightmare straight out of the movie Inception, where each layer adds new pressure and complexity. 

From encrypting data to threatening customers and launching denial-of-service (DDoS) attacks, ransomware campaigns have evolved into relentless extortion schemes. It’s no surprise that 92% of industries now list ransomware among their top threats, according to the 2024 Data Breach Investigations Report (DBIR)

Globally, ransomware attacks from January through June 2024 reached 2,321 incidents, slightly higher than in the first half of 2023, according to the Office of the Director of National Intelligence (ODNI). 

The 2024 DBIR also found that 32% of breaches involved ransomware and extortion tactics. And the median loss associated with the combination of ransomware and other extortion breaches was approximately $46,000. 

Meanwhile, Ransomware-as-a-Service (RaaS) is democratizing ransomware with ready-to-use tools that give even low-skilled threat actors the ability to launch sophisticated attacks. One high-profile case involved the CL0P ransomware group, which leveraged zero-day vulnerabilities to impact over 8,000 global organizations, demonstrating how accessible ransomware toolkits can wreak havoc on under-prepared systems.

Another example involved the Trinity attacks on healthcare providers, where RaaS tools compromised critical infrastructure. RaaS effectively lowers the barrier to entry, enabling even insiders or unsophisticated threat actors to launch destructive ransomware campaigns. 

These examples illustrate the urgent need for organizations to deploy proactive defenses, such as Verizon’s tailored ransomware capabilities, to help counter increasingly accessible and destructive ransomware. To help counter the evolving tactics, organizations need advanced defenses that can help them to anticipate, isolate, and neutralize threats before they escalate. Verizon can help safeguard against such tactics, especially in high-risk industries and critical infrastructure, using capabilities that can offer tailored, defense-in-depth solutions.

Verizon’s proactive ransomware defenses

Verizon’s cybersecurity threat intelligence capabilities and other defensive capabilities can help organizations better anticipate and respond to ransomware attacks. 

Verizon's expansive global network, for example, can help monitor and rapidly respond to network-based threats. With a presence in over 150 countries, Verizon's network infrastructure is designed for high capacity and fast performance, using a standards-based 100 Gigabit Ethernet on its IP backbone network. This advanced level of threat intelligence combined with human expertise helps monitor threats, validate alerts and quickly contain complex ransomware attacks.

Verizon's capabilities also provide visibility into network packet data, recording all traffic from any network segment and allowing analysts to explore historical data retrospectively with the most up-to-date threat intelligence. This improves real-time situational awareness and provides a forensic workbench for incident response teams and threat hunters. 

What’s more, Verizon’s proactive network defenses can enhance ransomware protection through 24/7 DDoS mitigation that can help counteract disruptions during high-stakes attacks. 

Additional defensive services

Another key Verizon service is its Rapid Response Retainer (RRR), which offers organizations proactive incident response planning to help mitigate risks and control costs associated with cyber incidents. By leveraging Verizon's expertise and resources, organizations can help effectively manage and reduce downtime during ransomware attacks.

Verizon’s comprehensive breach simulations can help to develop a rapid response plan that customers can leverage to help mitigate financial and operational losses when faced with an actual ransomware incident. By running simulation exercises, an organization is able to build ‘muscle memory’ across its team, strengthening its recovery and resilience.

According to recent research into AI-driven anomaly detection, AI-driven threat detection systems can now deliver strong, scalable ransomware detection capabilities with greater than 95% accuracy, maintaining consistent detection accuracy and speed as the number of nodes increases. AI-driven threat detection not only identifies ransomware behaviors but also alerts organizations to help prevent serious damage. Advances in AI also support endpoint monitoring and encryption detection, which can be used to help clients recover without requiring them to pay ransom to resolve such attacks. Verizon’s goal is to forecast and track ransomware attacks similarly to the way weather forecasters predict a storm to help clients better prepare in advance. 

Verizon’s Threat Research Advisory Center (VTRAC), with more than 25 years of security experience, annually shares its investigative research expertise in industry-recognized publications such as the DBIR and the Mobile Security Index (MSI).

Tailored solutions for prime targets

Verizon’s approach to ransomware defense is particularly crucial for industries identified as high-risk targets. Critical Infrastructure (CI) sectors such as healthcare, energy, manufacturing and public services are increasingly vulnerable to attacks that can disrupt essential services or even jeopardize public safety. 

According to the 2024 MSI, 90% of energy and utilities leaders believe that managing the nation’s critical infrastructure makes them a prime target for cybercriminals, while 85% of public sector respondents state that breaches could endanger lives if critical services are disrupted.

For instance, one attack on a U.S. municipal water authority by hacktivist group Cyber Av3ngers involved defacing workstations and manipulating industrial control systems (ICS) to disrupt public services, as documented in the 2024 DBIR.

And in a hypothetical scenario, if a mid-sized investment firm detected unusual activity in its trading systems, this would likely indicate an attempted ransomware attack. Using Verizon’s AI-driven detection capabilities, the firm could quickly identify and isolate the compromised system, preventing ransomware from encrypting sensitive financial data. Verizon’s Rapid Response Retainer (RRR) team could also investigate and help contain such threats, enabling the firm to resume trading with minimal disruption.

Such incidents underscore the need for tailored defenses, like those Verizon offers, which are specifically adapted to help protect healthcare, finance, manufacturing, and other essential public services. These solutions can help lower risks for CI organizations by addressing the unique challenges they face, including the increasingly interconnected nature of modern technologies.

Partnerships and collaborative defenses

As technologies are increasingly interconnected, ransomware defenses must extend beyond individual organizations. The challenges faced by critical infrastructure providers, as seen with the CL0P ransomware gang attack, can often ripple through entire ecosystems, exposing vulnerabilities in third-party suppliers and interconnected systems.

Recognizing this need, Verizon emphasizes collaboration with industry partners to strengthen security across supply chains and manage third-party risks. The 2024 DBIR calculated a supply chain interconnection influence in 15% of breaches, which is a 68% increase from the prior year. This highlights the importance of building industry-wide defenses to address shared risks.

Verizon collaborates with Information Sharing and Analysis Centers (ISACs), government agencies, and private organizations to share threat intelligence and develop collective defenses. Using its Vocabulary for Event Recording and Incident Sharing (VERIS) framework, Verizon enables organizations to record and share security incidents with a standardized approach that fosters collaboration across industries, improving ransomware responsiveness.

Verizon: Your trusted ransomware defense partner

Verizon’s capabilities are designed to help enterprises anticipate, respond, and lower ransomware risks using a multi-layered, defense-in-depth approach that includes advanced threat intelligence, AI-driven detection, and rapid incident response. 

By partnering with Verizon, CISOs and security leaders can help fortify defenses, reduce the impact of ransomware, and improve operational resilience. Learn how Verizon’s tailored capabilities can help protect your organization — contact our experts or explore our ransomware defense resources today.

The author of this content is a paid contributor for Verizon.