Black Hat 2024: Ransomware Gangs — and Their Profits — Continue to Grow

Brett Stone-Gross, senior director, threat intel for Zscaler, joins Dark Reading's Terry Sweeney at News Desk during Black Hat USA to share findings from the company's ThreatLabz ransomware research.

Terry Sweeney, Contributing Editor

August 14, 2024

10 Min View
Source: Dark Reading

An unnamed Fortune 50 company recently paid a record-setting ransom to get its data back — $75 million, nearly double the amount of the previous record, says Brett Stone-Gross, senior director, threat intelligence for Zscaler, in this conversation at the Dark Reading News Desk during Black Hat USA. Stone-Gross shares findings from the company's threat research and reveals that while the overall growth rate of ransomware attacks has slowed, Zscaler saw an 18% year-over-year increase in attacks. Ransom amounts paid are also on the upswing.

The ransomware gang behind the Fortune 50 attack, Dark Angels, operates quite differently than most ransomware groups. In most instances, ransom groups use affiliates and outsource the attack itself, then move in after the breach, deploy the ransomware, and share the profits. In this case, this group is doing everything themselves. Dark Angels doesn't outsource attacks; the gang also works hard to avoid a business disruption to the victim's network, Stone-Gross explains. "The reason for that is they want to stay out of the headlines to make as much money as they can and pressure these companies to make the payments," he says. "They've been quite effective performing these attacks and staying under the radar."

Stone-Gross also points to an increase in voice-based attacks ransomware attacks where gangs social-engineer their way into a network to take data hostage. And AI is poised to make these attacks even more efficient and profitable, he adds. Protective measures like strong passwords, rotating those passwords, multifactor authentication, and network monitoring are extremely important, Stone-Gross says. Deploying zero-trust policies also helps to mitigate the ransomware risk.

Dr. Brett Stone-Gross is the Senior Director of Threat Intelligence at Zscaler. He holds a Ph.D. in computer science from the University of California, Santa Barbara and has over 20 years of experience in malware analysis and reverse engineering. Brett has authored more than a dozen publications and presented his work at top cybersecurity conferences. He specializes in advanced technical research focused on sophisticated cyber threats.

About the Author

Terry Sweeney

Contributing Editor

Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, Network World, InformationWeek and Mobile Sports Report.

In addition to information security, Sweeney has written extensively about cloud computing, wireless technologies, storage networking, and analytics. After watching successive waves of technological advancement, he still prefers to chronicle the actual application of these breakthroughs by businesses and public sector organizations.


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights