The Spread of Ransomware Attacks is Widening Amid Threat Actor Power Struggle, GuidePoint Security Finds
2024年7月25日 - 6:58PM
ビジネスワイヤ(英語)
New Quarterly Ransomware Report From GuidePoint’s Research and
Intelligence Team (GRIT) Highlights Growing Attribution of Attacks
as New RaaS Groups Emerge
GuidePoint Security, a cybersecurity solutions leader enabling
organizations to make smarter decisions and minimize risk,
announced today the release of GuidePoint Research and Intelligence
Team’s (GRIT) Q2 2024 Ransomware Report.
While the number of Q2 ransomware victims remains relatively
stable at a 9% quarter-over-quarter increase, the diversity of
those victims – and the ransomware groups targeting them – is
growing. The GRIT Q2 2024 Ransomware Report observes major shakeups
in the ransomware ecosystem following recent law enforcement
operations, including a shift in the industries and geographies
most impacted by ransomware activity.
“The takedown of LockBit and departure of AlphV – two of the
most prolific Ransomware-as-a-Service (RaaS) groups – has left a
power vacuum that groups are scrambling to take over,” said Grayson
North, Senior Security Consultant, GRIT. “There is no ‘new normal’
yet in the ransomware landscape. As a result, we’re seeing victims
spread across a wider variety of industries, attacks attributed to
more groups and new countries being targeted. We expect this
volatility to continue throughout Q3 as previous norms fall by the
wayside and new RaaS leaders surface.”
The GRIT Q2 2024 Ransomware Report takes an in-depth look at the
evolving RaaS ecosystem, including the dramatic increase in
activity of new and emerging ransomware groups. Other notable Q2
ransomware events include the growing role of RaaS relative
newcomer RansomHub, an increase in Play’s operational tempo and
LockBit’s discredited post claiming the United States Federal
Reserve as a victim.
Key Highlights of the Report:
- LockBit is the only ransomware group to maintain its
position as one of the top five threat actors year-over-year.
Despite significant law enforcement disruption, LockBit still holds
the top spot among the quarter’s most active RaaS groups at 131
victims.
- The industries most impacted by ransomware in Q2 2024 were
manufacturing, technology and healthcare, respectively. The
technology industry experienced a surge in observed activity during
the quarter, accounting for nearly 10% of posted victims – its
highest relative placement since Q3 2023.
- H1 2024 saw a 5% increase in reported ransomware victims
over H1 2023, even with the disruption of LockBit and
dissolution of AlphV in early 2024.
- The United States’ share of total ransomware victims
decreased. Following May sanctions imposed on LockBit by the
United States, the percentage of LockBit’s U.S-focused ransomware
attacks fell from 56% pre-sanctions to 45%. Meanwhile, there is an
increasing focus on Brazil, Spain and India by various ransomware
groups.
“As the ransomware ecosystem continues to evolve, we expect at
least some portion of Emerging and Developing groups to steadily
increase operations and become new long-standing Established
groups,” added Justin Timothy, Security Consultant, GRIT. “It’s
also likely that we’ll see ongoing threats from persistent, and
quieter, ransomware groups, such as Play.”
The GRIT Q2 2024 Ransomware Report is based on data obtained
from publicly available resources, including threat groups
themselves, as well as threat analyst insights into the ransomware
threat landscape.
For more information:
- Download the GRIT 2024 Q2 Ransomware Report
- Register for GRIT’s upcoming webinar
- Download the GRIT Ransomware Taxonomy whitepaper
About GuidePoint Security
GuidePoint Security provides trusted cybersecurity expertise,
solutions, and services that help organizations make better
decisions that minimize risk. Our experts act as your trusted
advisor to understand your business and challenges, helping you
through an evaluation of your cybersecurity posture and ecosystem
to expose risks, optimize resources and implement best-fit
solutions. GuidePoint’s unmatched expertise has enabled a third of
Fortune 500 companies and more than half of the U.S. government
cabinet-level agencies to improve their security posture and reduce
risk. Learn more at www.guidepointsecurity.com.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240725562874/en/
Nicole Lavella nicole.lavella@guidepointsecurity.com
703-403-7066