Ransomware attacks escalate as critical sectors struggle to keep up

Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly. Recent reports highlight alarming trends, including increased attacks on critical sectors like healthcare, education, and manufacturing.

The US, leading in global ransomware incidents, faces an exceptionally high risk, especially in education and healthcare. Organizations are frequently hit multiple times, and ransom payments, while common, often fail to prevent further disruption.

Most ransomware attacks occur between 1 a.m. and 5 a.m.

Malwarebytes | ThreatDown 2024 State of Ransomware | August 2024

• The US accounts for 48% of all ransomware attacks worldwide but suffers 60% of the world’s attacks on education and 71% of attacks on healthcare.
• The manufacturing sector saw a staggering 71% year-on-year increase in ransomware attacks, highlighting the need for robust cybersecurity measures in this digitizing industry.

Business and tech consolidation opens doors for cybercriminals

Resilience | Mid-Year Cyber Risk Report | August 2024

• The BlackCat hacking group—responsible for the Change Healthcare cyber incident—entered 2024 with an existing track record: in 2023, the group topped the list of most costly attacks, with BlackCat attacks accounting for 18% of covered losses from ransomware.
• Ransomware remained the leading cause of loss since January 2023, with 64% of ransomware-related claims resulting in a loss. The financial severity of claims related to ransomware attacks increased 411% from 2022 to 2023.

74% of ransomware victims were attacked multiple times in a year

Semperis | 2024 Ransomware Risk Report | August 2024

• 83% of organizations were targeted by ransomware attacks in the past year with a high degree of success, sounding alarming trends in attack frequency, severity, and consequences.
• 74% of respondents that were attacked for ransom in the past 12 months were attacked multiple times, many within the span of a week.
• 87% of attacks caused business disruption—even for those that paid ransom—including data loss and the need to take systems offline.

Record-breaking $75 million ransom paid to cybercrime group

Zscaler | Zscaler ThreatLabz 2024 Ransomware Report | August 2024

• The findings from the report uncovered a record-breaking ransom payment of $75 million to the Dark Angels ransomware group, which is nearly double the highest publicly known ransomware payout, and an overall 18% increase in ransomware attacks year-over-year.
• The United States faced a markedly higher volume of ransomware attacks than any other country, accounting for about 50% of all incidents globally. In comparison, the United Kingdom was the second-most targeted nation, experiencing nearly 6% of ransomware attacks, followed by Germany (4.09%), Canada (3.51%), and France (3.26%).

Malicious emails trick consumers into false election contributions

Trellix | The CyberThreat Report: June 2024 | June 2024

• Ransomware actors threatened the transportation and shipping sector the most, generating 53% and 45% of global ransomware detections in Q4 2023 and Q1 2024 respectively, and was followed by the finance industry.

Cyber insurance isn’t the answer for ransom payments

Veeam | 2024 Ransomware Trends Report | June 2024

• Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime as 41% of data is compromised during a cyberattack.
• For the third year in a row, 81% of organizations surveyed paid the ransom to end an attack and recover data.
• Alarmingly, 63% of organizations are at risk of reintroducing infections while recovering from ransomware attacks or significant IT disasters.

Ransomware fallout: 94% experience downtime, 40% face work stoppage

Arctic Wolf | 2024 Arctic Wolf Trends Report | May 2024

• 45% of respondents claim their organization suffered a ransomware attack in the last 12 months, an increase from last year, with 86% of those attacks including successful data exfiltration.
• 94% of those who suffered a ransom event experienced a period of significant downtime and delays in productivity.

Cybercriminals shift tactics to pressure more victims into paying ransoms

At-Bay | 2024 InsurSec Report | May 2024

• Ransomware claims frequency as a whole jumped 64% year over year, primarily due to the explosion of “indirect” ransomware claims whose frequency increased by 415%.
• Attackers continued to exploit remote access technology, with 58% of direct ransomware incidents attributable to a remote access vulnerability.
• The average ransom demand by attackers exceeded $1.26 million in 2023, though the average amount paid came in at $282,000, 77% lower than the initial demand on average.