Securin’s 2024 Ransomware Report: What IT Providers Should Know About Smarter AI Attacks

Writer: Jordan Sprogis

Jordan Sprogis, Contributing Expert

Jordan Sprogis is a creative writer and tech researcher who has been working on online content for the better part of a decade. She holds a bachelor's degree in professional writing from Western Connecticut State University and has devoted much of her career to crafting content for various web verticals, including CyberSpyder and The Echo. Since joining HostingAdvice, Jordan has combined her storytelling ability with her fascination for advancements in technology to pen over 500 articles geared toward industry pros and newcomers alike.

Editor: Lillian Castro

Lillian Castro, Senior Editor

Lillian Castro brings more than 30 years of editing and journalism experience to our team. She has written and edited for major news organizations, including The Atlanta Journal-Constitution and the New York Times, and she previously served as an adjunct instructor at the University of Florida. Today, she edits HostingAdvice content for clarity, accuracy, and reader engagement.

Reviewer: Cristian Lopez

Cristian Lopez, News Manager

Cristian Lopez uses his Business Marketing background from the University of Illinois at Chicago to create comfortable environments for customers, clients, and colleagues to share their thoughts and ideas openly. From interviewing tech leaders to conducting UX market research projects, Cristian knows the importance of storytelling — a key variable for innovation and inspiration. His goal at HostingAdvice is to wow readers on the ever-evolving nature of the tech industry and bring his audience the most reliable and exciting content on all things hosting.

Follow the HostingAdvice team for a daily dose of tech news, trending IT discussions, and interviews with the web's most innovative technologists.
Follow Us:
2.7k
1k

Computer and network security company Securin just released its 2024 Ransomware Report, which highlights one common thread: Thanks to genAI, ransomware threats are getting smarter.

Aviral Verma, a lead security analyst at Securin  whose research contributed to the report, said the ransomware attacks we see now “prove the lengths that hackers are willing to go to access critical data.”

As a quick refresher, ransomware is malware that locks or encrypts data. Hackers typically demand a ransom to restore access. If it’s not paid, they threaten to leak or exploit the stolen data.

Hosting providers are prime targets because they store tons of sensitive customer information and often host multiple tenants on the same infrastructure, making the impact of an attack much bigger.

All it takes is one phishing email, one unpatched plugin, or one poorly secured remote access point. Shared hosting models are especially at risk because they typically don’t have strong isolation models.

Securin’s report breaks down the ransomware landscape into five sections.

HostingAdvice focused on the key findings and spoke with Verma to get an inside look at which ransomware groups are the most aggressive and which industries are feeling the biggest impact.

GenAI Is Fueling Smarter Ransomware Attacks

The report started with something most industry experts already know to be true: GenAI is used as both a weapon and a target.

For threat actors, genAI allows for faster, more personalized, and scalable attacks. For defenders, it offers the promise of faster detection, automated response, and predictive threat mitigation.

Securin infographic
Just like bots, genAI can be used for good and for bad.

Of particular threat to AI systems are cross-prompt injection attacks, which allow bad actors to bypass security controls and manipulate AI systems into performing actions.

Supply chain attacks are also quickly becoming a main threat vector.

“It is imperative for industry leaders to implement proactive measures, leveraging genAI for threat detection and response, to defend against the evolving cyber threat landscape and strengthen their security posture,” said Verma.

More specifically, Securin recommends developing comprehensive strategies that are unique to AI, particularly by combining automated testing frameworks with human expertise.

Securin warns that without proper safeguards, ransomware could evolve into a self-optimizing threat and achieve up to a 90% success rate in evading detection.

Healthcare and IT Are Prime Targets

In terms of who’s doing the evil bidding, Securin found several main ransomware operators whose names popped up over and over again:

Unsurprisingly, these high-risk industries remain the primary targets for ransomware attacks.

According to Securin’s findings, the most commonly attacked industries include:

These industries are frequent targets because they’re undeniably high-value and can’t afford downtime.

That makes them prime opportunities for attackers: Downtime creates leverage, and leverage drives payouts.

One notable incident Securin noted in the report is the Schneider Electric breach by the Hellcat ransomware gang, who bizarrely demanded a $125,000 ransom in baguettes.

The hackers accessed the company’s Atlassian Jira system and stole 40 GB of sensitive data, including employee and customer info, project files, and more.

This attack marked Schneider’s third cybersecurity breach in just two years.

The Weak Links Hackers Exploit Most

Ransomware attacks revealed a consistent weakness across industries: poor authentication and access controls. These remain the most commonly exploited vulnerabilities, giving threat actors an easy way in.

Attackers are using familiar (but effective) tactics, including exploiting misplaced trust in clients, OS command injection, directory indexing flaws, and code injections.

Cyberattacks have grown more advanced. Instead of simple website hacks, attackers now prefer deeper flaws (like buffer overflows) that give them more leverage.

The study noted that this suggests attackers have a mature understanding of enterprise software vulnerabilities.

“Threat actors are exploiting legacy systems and poor security hygiene to gain entry into critical systems,” said Verma.

Verma points to the numbers that back it up:

Securin reminds us that even as threats grow more sophisticated, many breaches still come down to the same core weaknesses.

Inside the Minds of Ransomware Gangs

Ransomware groups are changing the way they gain access to systems.

Securin found that initial access often comes through exploiting public-facing applications. Another trend the report highlighted is that attackers aren’t just rushing in anymore.

Securin identified six of the most aggressive ransomware operators who strike hard once they’ve selected a target.

Instead of launching ransomware right away, attackers are taking time to methodically research and carefully choose their most valuable targets.

It’s the Cobra Kai of cybercrime: Strike first, strike hard, no mercy. That, unfortunately, is what makes these attackers a whole lot harder to stop.

Turning the Tables: Best Practices

When it comes to best practices, the report emphasizes that organizations shouldn’t wait for an attack disguised in a Trojan horse. Make sure your castle walls are already built and fortified.

In particular, the report outlines several key areas of focus: authentication and access control, memory protection, and sector-specific defense strategies.

But for hosting and IT providers, Verma has some specific advice.

“Both web hosting providers and industry leaders can take a proactive approach to cybersecurity by adopting measures that identify and address vulnerabilities before they are exploited,” he said.

Here’s what Verma recommends:

While the checklist is long, the underlying message is simple. As the report puts it: “Perfect security isn’t the goal — making attacks economically unfeasible is.”

About the Author

Contributing Expert

Jordan Sprogis is a creative writer and tech researcher who has been working on online content for the better part of a decade. She holds a bachelor's degree in professional writing from Western Connecticut State University and has devoted much of her career to crafting content for various web verticals, including CyberSpyder and The Echo. Since joining HostingAdvice, Jordan has combined her storytelling ability with her fascination for advancements in technology to pen over 500 articles geared toward industry pros and newcomers alike.

« BACK TO: BLOG

Meet the Experts

Our team of experts with a combined 50+ years of experience in web hosting serve insight and advice to more than 20 million users!

We Know Hosting

$

4

8

,

2

8

3

spent annually on web hosting!