CRIMINAL CAPITALI$M
Ransomware attacks surge over 60% in UK and US
A new report on the state of ransomware
shows attacks have more than doubled.
Malwarebytes‘ 2024 State of Ransomware report published today (20 August) shows a surge in malicious activity on US and UK businesses.
As a global leader in real-time cyber protection, the “ThreatDown 2024 State of Ransomware” report reveals an alarming increase in ransomware attacks over the past year.
In the US there has been a 63% increase in ransomware attacks on organisations and businesses, with the UK seeing an even greater rise of 67%.
Gangs carrying out attacks who are not in the top 15 known threat actor groups have increased from 25% to 31% – meaning lesser-known groups are increasing their activity.
This also indicates that the ransomware being used is becoming more accessible to a broader range of cybercriminals and marks a significant shift in the tactics and strategies employed by attackers.
Marcin Kleczynski, Founder and CEO, Malwarebytes said: “Ransomware gangs have time and motivation on their side. They constantly evolve to respond to the latest technologies chasing at their tails.
“We’ve seen this very distinctly over the past year as widespread adoption of technologies like EDR has helped identify attackers before they launch malware, pushing ransomware gangs to work more quickly and put more effort into hiding themselves. Organisations and MSPs need additional support and continuous coverage to out manoeuvre today’s criminals.”
Other key findings in the report include that the US accounts for 48% of all ransomware attacks worldwide and suffers 60% of the world’s attacks on education and 71% of attacks on healthcare.
With a 71% year-on-year increase in ransomware attacks, the manufacturing sector has become a default target for cyber criminals to exploit vulnerabilities.
The report also features insights from the ThreatDown MDR team on three key shifts in the tactics and techniques of ransomware gangs such as Living off the Land (LOTL) Techniques – companies with a dedicated Security Operations Center (SOC) are finding it harder to identify attackers inside their company’s system.
‘Nighttime Attacks’ are also heavily featured in the report with most ransomware attacks happening between 1am and 5am when IT staff are less likely to be present.
It is also reported that the attack chain – how long it takes to execute a ransomware attack, has reduced from weeks to hours.
All three changes in attack strategy highlight the need for rapid detection and response capabilities for businesses.
No comments:
Post a Comment