- Blackfog says that ransomware increased significantly by 2024
- Two groups stood out particularly: Lockbit and Ransomhub
- Infections increased in all industries, despite the greatest awareness
2024 was a record year for ransomware attacks, with more groups, more malware variants and higher payments than ever, said new research.
Cybersecurity researchers that Blackfog found compared to 2023, there were 65% more groups detected in 2024r – 48 in total. A significant number of these, 44 new variants, were responsible for almost a third (32%) of all attacks not revealed in 2024.
In the last two months of the year, the threat actors that emerged for the first time in 2024 represented more than half of the attacks in each month.
Lockbit and Ransomhub
When it comes to revealed attacks, most went to vertical medical care, government and education. These three took almost half (47%) of all reports of the year. Attacks against medical care increased by 20%year -on -year, in the government of 15%and in education of 10%. However, in terms of the percentage, there were industries that also reported significant increases, including retail (96%), services (88%) and finance (66%).
For unleashed attacks, the three main industries were manufacturing (17.6%), services (12.2%) and technology (9.7%).
Two groups stood out as particularly dangerous: Lockbit and Ransomhub. The first is one of the most prominent threat actors in recent years, and in 2024, he went to 603 victims. Only in May 2024, the group launched almost 200 attacks, occupying a significant portion (36%) of all the attacks reported that month.
Ransomhub, on the other hand, was not delayed much. Despite being introduced only in February 2024, it managed to affect 586 victims, including government entities and 78 organizations in the global manufacturing sector.
Blackfog also said it was worth mentioning the Medusa group, although it represented “only” 5% of all the incidents revealed for the year, as it was known for demanding huge rates, often exceeding $ 40 million.
“The report shows that 2024 was a historical year with organizations that face the growing financial and reputational damage of ransomware attacks, with highly pressured high -value sectors to pay bailouts to restore operations,” said Dr. Darren Williams, founder and CEO of Blackfog.
“As cybercounts continually refine their techniques to exploit vulnerabilities and launch large -scale attacks, defend against ransomware is becoming more and more complex. Governments are intensifying efforts to counteract this growing threat, introducing new measures, such as mandatory ransomware incidents reports. However, Ransomware’s global crisis continues to increase at an alarming pace. In this scenario of threats in evolving, proactive and preventive strategies to mitigate ransomware and exfiltration of data have never been more crucial. ”
