Articles about Ransomware

Hackers are taking the methods and strategies tested on larger companies and applying them to organizations of every size.

Advanced evasion techniques -- once exclusive to advanced persistent threats -- have become the new normal, according to the latest threat report from Huntress. Techniques include endpoint detection and response (EDR) tampering, bring your own vulnerable driver (BYOVD) privilege escalations, and User Account Control (UAC) bypasses.

Continue reading →

Analysis of close to one million operational technology (OT) devices by Claroty's Team82 research group finds that 12 percent contain known exploited vulnerabilities (KEVs), and 40 percent of the organizations analyzed have a subset of these assets insecurely connected to the internet.

The report uncovered over 111,000 KEVs in OT devices across manufacturing, logistics and transportation, and natural resources organizations, with 68 percent of these being linked to ransomware groups. The manufacturing industry was found to have the highest number of devices with confirmed KEVs (over 96,000).

Continue reading →

Nearly 5,300 ransomware victims were reported last year, a 26 percent increase from the previous year, according to new analysis.

The Cybernews team looked at data from the Ransomlooker tool, which monitors the dark web and other hidden areas of the internet, and found that the number active ransomware gangs also grew over the previous year.

Continue reading →

The increased connectivity of business systems and devices is making it harder for organizations to defend against ransomware attacks according to a new report.

The study from Illumio, with research conducted by the Ponemon Institute, shows organizations perceive the cloud and endpoints as being the most vulnerable, and 34 percent say a lack of visibility across hybrid environments makes it difficult to respond to ransomware attacks.

Continue reading →

Small and medium-sized businesses (SMBs) are facing an escalating onslaught of cyberattacks as they evolve in both sophistication and speed. Among the most insidious threats are ransomware variants like QakBot and Black Basta, which operate in the shadows, often slipping past the radar of law enforcement and the media.

The consequences of these attacks can be devastating, leaving SMBs exposed and unprepared, with the potential to disrupt operations, damage reputations, and incur significant financial losses.

Continue reading →

The number of ransomware victims reached an all-time high with more than 1,600 in Q4 2024 alone according to the latest GuidePoint Research and Intelligence Team's (GRIT) annual Ransomware and Cyber Threat Report.

The number of attackers peaked too with a 40 percent year-on-year increase in active threat groups. GRIT identified more than 88 total active threat groups in 2024, including 40 newly observed adversaries.

Continue reading →

In 2024, ransomware groups claimed responsibility for 5,461 successful ransomware attacks on organizations worldwide. Of these 1,204 were confirmed by the targeted organizations, according to analysis by Comparitech.

Across the 1,204 confirmed attacks, 195.4 million records have been breached. These figures for 2024 are lower than those recorded in 2023 (1,474 attacks affecting 261.5 million records), though they are expected to rise as reports often come in months later.

Continue reading →

A new report from Check Point Research shows that ransomware remains the top cyber threat, with RansomHub emerging as the fastest-growing group, operating through Ransomware-as-a-Service (RaaS).

As of September 2024, RansomHub accounted for 19 percent of all ransomware victims published in shame sites, marking a shift in the cybercriminal landscape. Meanwhile, Lockbit, once dominant, has seen a significant decline, responsible for only five percent of new victims, many of which are recycled from previous attacks.

Continue reading →

Ransomware remains a formidable threat facing organizations, with 49 active groups impacting more than 1,000 publicly posted victims in the third quarter 2024, according to a new report.

The report from GuidePoint Security's Research and Intelligence Team (GRIT) shows threat actors are increasingly leveraging legitimate services and platforms to deliver targeted phishing messages. While the abuse of trusted notification services is not a new approach to delivering malware, the research team has recently observed novel -- and progressively sophisticated -- delivery techniques.

Continue reading →

A new report from insurance provider Coalition finds that that ransomware claims severity spiked by 68 percent in the first half of 2024 to an average loss of $353,000.

While high ransomware demands have come back into vogue, funds transfer fraud (FTF) has also seen a notable decrease in both frequency (two percent) and severity (15 percent).

Continue reading →

Ransomware attacks target industries across the board, but they're of particular concern in the healthcare sector where an attack can mean not only data is at risk but lives too.

We spoke with Amitabh Sinha, chief strategy officer and co-founder of Workspot, to discuss the productivity and patient care aspects of these attacks as well as how modern ransomware recovery strategies can help to ensure mission-critical operations can continue, even during an attack.

Continue reading →

Data is the currency of every business today, but it is under significant threat. As companies rapidly collect and store data, it is driving a need to adopt multi-cloud solutions to store and protect it. At the same time, ransomware attacks are increasing in frequency and sophistication. This is supported by Rapid7’s Ransomware Radar Report 2024 which states, “The first half of 2024 has witnessed a substantial evolution in the ransomware ecosystem, underscoring significant shifts in attack methodologies, victimology, and cybercriminal tactics.”

Against this backdrop, companies must have a data resilience plan in place which incorporates four key facets: data backup, data recovery, data freedom and data security.

Continue reading →

According to a new survey, 84 percent of organizations in the enterprise sector spotted a cyberattack within the last 12 months, compared to only 65 percent in 2023.

The study from Netwrix shows the most common security incidents are phishing, user or admin account compromise, and ransomware or other malware attack.

Continue reading →

A new report from SpyCloud finds that Ransomware is seen as the biggest cybersecurity threat across every industry, with 75 percent of organizations affected by ransomware more than once in the past 12 months -- a jump from 61 percent in 2023.

Based on a survey of 510 individuals in active cybersecurity roles within organizations in the US and the UK with at least 500 employees, the report shows some industries are more at risk than others, with insurance firms 6.3x more likely to experience a ransomware attack and healthcare 2.1x more likely.

Continue reading →

As we begin a new school year, a survey of 250 IT leaders from educational institutions in the US and UK highlights the potential damage from cyberattacks on schools.

The study from Action1 shows 20 percent of respondents believe that the current level of support from their school board is insufficient, with a high risk of significant impact on education quality due to ransomware.

Continue reading →