A recent report by Zscaler’s ThreatLabz revealed the largest ransomware payment ever made to the Dark Angels group, with a Fortune 50 company reportedly paying $75 million [6], nearly double the previous highest known ransom payout [3].

Description

This incident occurred in early 2024 [4], with speculation pointing to pharmaceutical giant Cencora as the victim [4]. The report also highlighted an 18% annual increase in ransomware attacks blocked by Zscaler [1], identified 19 new ransomware families [4], and noted a 17.8% increase in attacks blocked compared to the previous year. Additionally, there was a 57.8% increase in extorted companies appearing on data leak sites. Dark Angels [1] [2] [3] [4] [5] [6], known for their highly targeted approach, typically attacks a single large company at a time and steals vast amounts of information [1]. The group has been operating since around May 2022 and had a failed $51 million ransom demand in September 2023 [4]. The US accounted for nearly half of all ransomware attacks [4], with other countries like the UK [4], Germany [4], Canada [4], and France also at high risk [4]. Organizations are advised to prioritize Zero Trust architecture to enhance their security posture against escalating ransomware threats [1].

Conclusion

The unprecedented $75 million ransom payment to the Dark Angels group is expected to set a dangerous precedent for other cyber criminal groups, leading to more high-value ransom demands in the future [2]. The success of Dark Angels in securing such a large payment highlights the growing threat of ransomware attacks and the significant financial impact they can have on organizations [2]. Despite the ability to pay such a hefty sum [2], the organization likely suffered severe consequences from the attack [2], emphasizing the devastating effects of ransomware incidents [2]. Zscaler’s ThreatLabz predicts that other ransomware groups may adopt similar tactics after seeing Dark Angels’ success [6], as the US remains a top target for ransomware attacks [6], with the number of attacks doubling in 2024 compared to the previous year [6].

References

[1] https://www.infosecurity-magazine.com/news/researchers-largest-ransomware/
[2] https://www.computerweekly.com/news/366599064/Breach-costs-soar-as-record-ransomware-payment-made
[3] https://markets.businessinsider.com/news/stocks/zscaler-s-annual-ransomware-report-uncovers-record-breaking-ransom-payment-of-us-75-million-reinforcing-the-need-for-zero-trust-1033610068
[4] https://www.techradar.com/pro/security/a-notorious-ransomware-group-has-received-the-largest-ransom-payment-ever
[5] https://gigazine.net/gsc_news/en/20240731-dark-angels-ransomware-receives-75-million/
[6] https://me.pcmag.com/en/security/25039/fortune-50-company-made-record-breaking-75m-ransomware-payment