Forms of cyberattacks in constant evolution in 2024

                                                                                                      Mathieu Gras (Digital and Analytics Expert)

In 2024, cybercrime is moving towards targeting and stealing sensitive corporate data to monetize it, going beyond the simple ransom demand.

In short:

• ·        Mutation of ransomware attacks;
• ·        Ransom payments failed;
• ·        Trade secrets at risk;
• ·        Prioritize the security of critical data.

Mutation of ransomware attacks

Attackers are no longer limited to extorting cryptocurrencies by blocking the IS of companies with ransomware, the data stolen during attacks has become a real financial stake for cybercriminals. The democratization of AI tools has allowed them to facilitate intrusions through the sophistication of attacks by allowing them to target the data that is most valuable to them, and in their "market".

Ransom payments failed

Some companies try to negotiate ransoms with their attackers but quickly realize that they are not always interested in paying. The answer is simple, they have surely already taken advantage of the stolen data.

In addition, some attackers threaten companies to publish their data on the internet if the ransom is not paid, while assuring them that they will stop publishing and destroy it if they pay.

In addition, some attackers threaten companies to publish their data on the internet if the ransom is not paid, while assuring them that they will stop publishing and destroy it if they pay.

Trade secrets at risk

The company's strategic data, especially trade secrets, is becoming the preferred target of hackers. Emails, contracts, patents and even production or manufacturing secrets are particularly targeted, with potentially disastrous consequences for the company in the event of theft. At the end of 2023, a company in the leisure sector saw all of its data stolen, the attackers in possession of it could promote the emergence of competitors of the company, thus armed with its manufacturing and marketing secrets.

Priority to the security of critical data:

Strengthening data security is critical, including collaboration between finance and IT security teams to build robust defenses. Identifying sensitive or even strategic data to better protect it is now imperative to guarantee the competitiveness and even the business model of companies in the digital economy.

What you need to remember

Evaluating Impact

The finance function becomes a key partner to the company and its data security experts, both to help understand the value of data and to be able to assess the financial impact and potential economic repercussions of a data breach on the company's financial strategy.