- Blackfog says ransomware increased considerably in 2024
- Two groups have particularly stood out – Lockbit and Ransomhub
- Infections have increased between industries, despite increased awareness
2024 was a record year for ransomware attacks, with more groups, more variants of malware and higher payments than ever, according to new research.
Cybersecurity researchers were found compared to 2023, there were 65% of additional groups detected in 2024R – 48 in total. A significant number of these – 44 new variants – were responsible for almost a third (32%) of all the attacks not disclosed in 2024.
In the past two months of the year, threat actors who have emerged in 2024 have represented more than half of the attacks each month.
Lockbit and ransomhub
With regard to disclosed attacks, the majority went to health care, government and education. These three took almost half (47%) of all reports for the year. Attacks on health care increased by 20% in annual shift, on the government by 15% and on education by 10%. However, as a percentage, there were also industries that declared significant increases, including retail (96%), services (88%) and finances (66%).
For unknown attacks, the three main industries were manufacturing (17.6%), services (12.2%) and technology (9.7%).
Two groups stood out as particularly dangerous – Lockbit and Ransomhub. The first is one of the actors of the most eminent threats of recent years and, in 2024, he targeted 603 victims. In May 2024 alone, the group launched nearly 200 attacks, taking an important part (36%) of all the attacks reported this month.
Ransomhub, on the other hand, has not delayed much. Although it was not introduced in February 2024, it managed to assign 586 victims, including government entities and 78 organizations in the world manufacturing sector.
BlackFog also said that the Medusa group deserves to be mentioned, even if it represented “5%” of all the incidents disclosed for the year, because it was known to demand enormous costs, often exceeding 40 million dollars.
“The report shows that 2024 has been a historic year with organizations facing growing financial and reputation damage from ransomware attacks, with high -value sectors particularly pressed to pay ransom to restore operations,” said Dr. Darren Williams, founder and CEO of BlackFog.
“While cybercriminals continuously refine their techniques to exploit vulnerabilities and launch large -scale attacks, defense against ransomware becomes more and more complex. Governments intensify efforts to counter this growing threat, introducing new measures such as compulsory ransomware incident reports. However, the global ransomware crisis continues to degenerate at an alarming rate. In this evolving threat landscape, proactive and preventive strategies to mitigate ransomware and data exfiltration have never been so crucial. »»
