Articles about Ransomware

Ransomware is continuously on the rise. Despite multiple major law enforcement actions against ransomware groups over the past year, there has been a significant increase in ransomware attacks between 2023 and 2024. Interestingly enough, there was also a tracked 35 percent drop in ransomware payments in 2024, but it is clear that this is not stopping ransomware attacks from continuing as threat actors are finding other ways to monetize the data they’re stealing.

To combat this rise, cyber security measures within organizations need to be improved at every level, especially as the threat landscape grows even more complex. This past year has shown us that the importance of careful third-party vendor collaboration particularly must not be overlooked. With that said, there are a few considerations that need to take priority as 2025 progresses.

Continue reading →

The cybersecurity landscape is constantly evolving and organizations need to stay up to date if they're to adequately protect themselves.

At the end of last year, O'Reilly released its 2024 State of Security survey, which analyzes the threats that concern frontline practitioners most, the projects they're implementing to safeguard systems and infrastructure, the skills companies are hiring for, and more.

Continue reading →

Analysis of data logged by the Barracuda Managed XDR Security Operations Center shows ransomware threats have increased by four times over the last year.

In 2024, Barracuda Managed XDR logged 11 trillion IT events -- 350,000 per second. Just over a million were flagged as a potential risk and of these, 16,812 were identified as high-severity threats that required immediate defensive action. That’s a small percentage but highlights the need for powerful engines, analysis tools and human expertise to detect them.

Continue reading →

A total of 94 ransomware groups listed victims in 2024 (a 38 percent increase on 2023) with 49 new groups observed, according to a new report, reflecting further complexity in the ransomware landscape.

The study from Searchlight Cyber also finds an 11 percent increase in the number of total victims posted on ransomware leak sites in 2024 (5,728) compared to 2023 (5,081).

Continue reading →

Hackers are taking the methods and strategies tested on larger companies and applying them to organizations of every size.

Advanced evasion techniques -- once exclusive to advanced persistent threats -- have become the new normal, according to the latest threat report from Huntress. Techniques include endpoint detection and response (EDR) tampering, bring your own vulnerable driver (BYOVD) privilege escalations, and User Account Control (UAC) bypasses.

Continue reading →

Analysis of close to one million operational technology (OT) devices by Claroty's Team82 research group finds that 12 percent contain known exploited vulnerabilities (KEVs), and 40 percent of the organizations analyzed have a subset of these assets insecurely connected to the internet.

The report uncovered over 111,000 KEVs in OT devices across manufacturing, logistics and transportation, and natural resources organizations, with 68 percent of these being linked to ransomware groups. The manufacturing industry was found to have the highest number of devices with confirmed KEVs (over 96,000).

Continue reading →

Nearly 5,300 ransomware victims were reported last year, a 26 percent increase from the previous year, according to new analysis.

The Cybernews team looked at data from the Ransomlooker tool, which monitors the dark web and other hidden areas of the internet, and found that the number active ransomware gangs also grew over the previous year.

Continue reading →

The increased connectivity of business systems and devices is making it harder for organizations to defend against ransomware attacks according to a new report.

The study from Illumio, with research conducted by the Ponemon Institute, shows organizations perceive the cloud and endpoints as being the most vulnerable, and 34 percent say a lack of visibility across hybrid environments makes it difficult to respond to ransomware attacks.

Continue reading →

Small and medium-sized businesses (SMBs) are facing an escalating onslaught of cyberattacks as they evolve in both sophistication and speed. Among the most insidious threats are ransomware variants like QakBot and Black Basta, which operate in the shadows, often slipping past the radar of law enforcement and the media.

The consequences of these attacks can be devastating, leaving SMBs exposed and unprepared, with the potential to disrupt operations, damage reputations, and incur significant financial losses.

Continue reading →

The number of ransomware victims reached an all-time high with more than 1,600 in Q4 2024 alone according to the latest GuidePoint Research and Intelligence Team's (GRIT) annual Ransomware and Cyber Threat Report.

The number of attackers peaked too with a 40 percent year-on-year increase in active threat groups. GRIT identified more than 88 total active threat groups in 2024, including 40 newly observed adversaries.

Continue reading →

In 2024, ransomware groups claimed responsibility for 5,461 successful ransomware attacks on organizations worldwide. Of these 1,204 were confirmed by the targeted organizations, according to analysis by Comparitech.

Across the 1,204 confirmed attacks, 195.4 million records have been breached. These figures for 2024 are lower than those recorded in 2023 (1,474 attacks affecting 261.5 million records), though they are expected to rise as reports often come in months later.

Continue reading →

A new report from Check Point Research shows that ransomware remains the top cyber threat, with RansomHub emerging as the fastest-growing group, operating through Ransomware-as-a-Service (RaaS).

As of September 2024, RansomHub accounted for 19 percent of all ransomware victims published in shame sites, marking a shift in the cybercriminal landscape. Meanwhile, Lockbit, once dominant, has seen a significant decline, responsible for only five percent of new victims, many of which are recycled from previous attacks.

Continue reading →

Ransomware remains a formidable threat facing organizations, with 49 active groups impacting more than 1,000 publicly posted victims in the third quarter 2024, according to a new report.

The report from GuidePoint Security's Research and Intelligence Team (GRIT) shows threat actors are increasingly leveraging legitimate services and platforms to deliver targeted phishing messages. While the abuse of trusted notification services is not a new approach to delivering malware, the research team has recently observed novel -- and progressively sophisticated -- delivery techniques.

Continue reading →

A new report from insurance provider Coalition finds that that ransomware claims severity spiked by 68 percent in the first half of 2024 to an average loss of $353,000.

While high ransomware demands have come back into vogue, funds transfer fraud (FTF) has also seen a notable decrease in both frequency (two percent) and severity (15 percent).

Continue reading →

Ransomware attacks target industries across the board, but they're of particular concern in the healthcare sector where an attack can mean not only data is at risk but lives too.

We spoke with Amitabh Sinha, chief strategy officer and co-founder of Workspot, to discuss the productivity and patient care aspects of these attacks as well as how modern ransomware recovery strategies can help to ensure mission-critical operations can continue, even during an attack.

Continue reading →