OpenText reveals 2024 nastiest malware, LockBit leads list

OpenText has published its 'Nastiest Malware of 2024' list, identifying key cybersecurity threats, including ransomware attacks that particularly target critical infrastructure.

OpenText's cybersecurity experts have noted that ransomware remains a significant threat. A focus on critical infrastructure prompts a call for increased security measures. Organisations are consequently expected to boost their cybersecurity spending by 14.3%, amounting to over USD $215 billion in 2024.

The report identifies LockBit as the preeminent ransomware-as-a-service (RaaS) provider for 2024. Despite numerous law enforcement efforts to dismantle the group, LockBit persists in its attacks, particularly targeting critical infrastructure. The Federal Bureau of Investigation (FBI) indicated in its 2023 Internet Crime report that LockBit was involved in 175 attacks on critical infrastructure.

"Ransomware attacks on critical infrastructure are on the rise, and cybercriminals are increasingly using artificial intelligence to develop highly personalised threats, which significantly endangers national security and public safety," stated Muhi Majzoub, Executive Vice President and Chief Product Officer at OpenText. "However, the increased attention on ransomware and cybersecurity is encouraging, as more organisations are proactively prioritising cybersecurity investments. This commitment highlights their dedication to safeguarding essential services from evolving threats."

LockBit aims to target one million businesses, indicating the ambitious scope of its operations. Despite facing persistent law enforcement challenges, it remains a significant threat in the ransomware landscape.

Other notable entries on the list include Akira, a new ransomware making significant inroads, particularly in the healthcare, manufacturing, and finance sectors, with aggressive encryption techniques. RansomHub, rumoured to be linked to the Black Cat group, emerged with high-profile targets, including Planned Parenthood, where it compromised sensitive patient data.

Dark Angels ransomware has marked its presence with high-stake attacks on top-tier organisations, securing substantial ransom payments. Redline Stealer, while not categorically ransomware, has become a formidable threat, specialising in credential and information theft across various sectors. Play Ransomware has also made significant impacts with its versatility and focus on exploiting vulnerabilities, notably within FortiOS systems and RDP servers.

The findings from OpenText's 'Nastiest Malware of 2024' report underscore the escalating risks of sophisticated malware targeting critical sectors. The persistence and adaptability of ransomware groups like LockBit and emerging threats such as Akira, RansomHub, and Dark Angels highlight the ongoing evolution in cybercriminal tactics.

As these threats continue to grow, organisations across industries are likely to focus on strengthening their security measures, enhancing threat detection capabilities, and increasing investment in cybersecurity initiatives to protect against the wide-reaching impact of these malicious activities.