Shayimamba Conco, cyber security expert at Check Point.

Ransomware attacks rebounded in 2024 after law enforcement took down LockBit and Noberus, two of the most prolific ransomware syndicates. The former was said to have been responsible for around 25% of all victims listed on ransomware leak sites in 2023. In February 2025, the Cybersecurity and Infrastructure Security Agency and the FBI issued urgent warnings about the Ghost ransomware operation, which was carrying out attacks across multiple industry verticals in more than 70 countries. Instead of using phishing tactics, Ghost operatives exploit security vulnerabilities that haven’t been patched.

Conversations around how to prevent, mitigate and defend against ransomware never seem to end. Training, security systems, and expensive managed security services are all designed to prevent that click that introduces the risk. But what more can be done to improve security beyond these parameters?