Articles about Ransomware

Artificial intelligence is the biggest topic of 2024. While some are already tired of seeing AI constantly in the headlines, it will only become more prevalent. Keeping up with how it changes business practices is then critical. AI is undeniably disrupting most digital industries, including cybercrime.  

As a result, it is important to cut through the hype and get to the facts about AI. A lot has been said about AI's potential impact on the global ransomware threat, but what is the real impact?

Continue reading →

A new report reveals that organizations are suffering multiple ransomware infections, 18 percent have suffered a ransomware infection 10 or more times in a 24-month period, a further 18 percent were infected five to nine times, and 30 percent were infected between two and four times.

The study from anti-ransomware platform Halcyon also shows that data exfiltration occurs in nearly every major ransomware attack today, and nearly 60 percent of respondents say that sensitive or regulated data was exfiltrated from their organization, with 55 percent reporting the attackers issued an additional ransom demand to protect the exfiltrated data.

Continue reading →

The latest GRIT Ransomware Report from GuidePoint Security shows that May this year resulted in a 33 percent increase overall in ransomware activity compared to April 2024, indicating a degree of seasonality given a similar increase month-on-month in May 2023 relative to April 2023.

May 2024 closed with an increase in overall victim volume. However, a deep review reveals that the rise was driven disproportionately by LockBit's 175 posted victims, accounting for 37 percent of the month’s total publicly posted ransomware victims.

Continue reading →

Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime as 41 percent of data is compromised during a cyberattack, according to the latest Veeam 2024 Ransomware Trends Report.

The report, based on 1,200 responses from organizations that have faced a security incident, reveals that only 57 percent of the compromised data is usually recovered, leaving organizations vulnerable to substantial data loss and negative business impacts as a result.

Continue reading →

A new report from threat intelligence company Intel 471 shows a global rise in ransomware and hacktivism.

The report notes 4,429 ransomware attacks in 2023, almost double the 2,344 observed in 2022, with the most prominent variants being LockBit 3.0, ALPHV, CLOP, Play and 8BASE. North America saw a notable 125.3 percent increase in ransomware, followed by Europe with 67.7 percent, Asia with 46.8 percent, South America with 40.9 percent.

Continue reading →

Ransomware attacks are so destructive that it’s easy to assume that all of them are large-scale in nature. However, this isn’t always the case, and ransomware gangs can do incredible amounts of damage with relatively small amounts of data. For example, an analysis carried out by Zerto of 116 globally diverse ransomware attacks spanning 43 different ransomware variants uncovered a median dataset size of just 183.5 GB.

When considered alongside a study carried out by Splunk, which says the average ransomware can encrypt a gigabyte of data in 47.7 seconds, the typical encryption detonation process for 183.5 GB of data would take nearly two and a half hours: That’s not very long at all.

Continue reading →

A new study from Comparitech finds that around a fifth of ransomware attacks in the US led to a lawsuit in 2023.

It shows that 355 lawsuits were filed following 3,002 ransomware attacks. Of these 228 have been completed and 134 were successful -- that is they led to a data breach settlement, resulted in the company being fined for failing to safeguard systems and/or data, or were settled out of court.

Continue reading →

Amid a tumultuous 2023 marked by economic anxieties and rising geopolitical tensions, threat actors seized the opportunity to weaponize fear and uncertainty. While ransomware trends had previously ebbed and flowed, experiencing a 23 percent decrease in just the first half of 2022, they took a shocking turn in 2023, skyrocketing by a staggering 95 percent.

We spoke with Andrew Costis, chapter leader of the Adversary Research Team at AttackIQ, to discuss why ransomware has taken headlines by storm and how the industry can empower security teams with the tools to fight back.

Continue reading →

Picture this: It’s 2031, and you’re chief information security officer (CISO) at a Fortune 500 company. Alongside many other innovative and emerging threats, you’re constantly battling AI-empowered bad actors. In fact, you spend the majority of your working hours combating emerging forms of ransomware. These dangerous incursions occur once every two seconds -- more than 43,000 attacks every day -- and all organizations are extremely vulnerable.

Although harsh, this scenario may soon become a reality. Threat actors are learning to use more refined tactics to infiltrate valuable consumer data, and it’s paying dividends. In 2023 alone, ransomware attacks increased by 68 percent.

Continue reading →

A new report shows a 20 percent year-on-year increase in the number of ransomware victims, along with major shifts in the behavioral patterns of ransomware groups.

The Q1 2024 ransomware report, from the GuidePoint Security Research and Intelligence Team (GRIT), finds the number of active ransomware groups more than doubled, increasing 55 percent from 29 distinct groups in Q1 2023 to 45 distinct groups in Q1 2024.

Continue reading →

Last year saw a 34.5 percent year-on-year increase in reported data breach incidents, with over 17 billion records compromised according to a new report from Flashpoint.

This trend looks set to continue as the first two months of 2024 alone saw a massive 429 percent spike in stolen or leaked personal data compared to the same period in the previous year.

Continue reading →

Sadly, there has never been a better phrase than ‘survival of the fittest’ to describe cyber criminal groups. They are constantly refining their tactics to cause greater disruption and earn even bigger profits. The ransomware ecosystem is a resilient and lucrative business model, and attacks are causing huge pain for organizations.

Just look at the recent attack on the British Library. The attack rendered the British Library’s website inoperative, and it’s been reported the institution may have to spend £7 million to recover. The Rhysida group, who were responsible for the attack, disseminated hundreds of thousands of confidential documents on the internet, encompassing both customer and employee information.

Continue reading →

The latest ransomware report from GuidePoint Security shows a decline in activity in January compared to the final quarter of last year, with a drop in the total number of posted victims by 33 percent and 60 percent relative to December and November 2023.

However, this is consistent with the trends of January of 2022 and 2023, both of which also followed heightened Q4 activity from the previous year.

Continue reading →

Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools now make up the majority of malicious tools in use by attackers, according to a new study.

The report from Darktrace shows malware loaders (77 percent of investigated threats) are the most common tool, followed by cryptominers (52 percent), and botnets (39 percent).

Continue reading →

Web intelligence company Searchlight Cyber has released a new report on the ransomware landscape of the dark web, highlighting changing tactics and the groups that security teams need to look out for in 2024.

LockBit, BlackCat (also known as ALPHV or Noberus), and Cl0p were the most prolific ransomware groups of 2023 by the number of victims claimed on their dark web leak sites. However, a major finding of the report is that these groups' share of overall ransomware victims has actually decreased as the number of operators has grown.

Continue reading →