Ransomware groups claimed responsibility for 5,461 attacks in 2024, with 1,204 of those attacks being publicly confirmed by victim organizations, according to Comparitech’s latest Ransomware Roundup report.
The average ransom demand was more than $3.5 million, and the typical ransom paid was $9.5 million. Many of these attacks involved data theft extortion, resulting in the breach of nearly 200 million records.
“Across the 1,204 confirmed attacks, 195.4 million records were breached (and counting),” Comparitech says. “These figures for 2024 are lower than those recorded in 2023 (1,474 attacks affecting 261.5 million records), but with many reports coming through months (and, in some cases, years) after the attack, we do expect 2024 figures to rise in the coming months.”
The major ransomware attacks last year were tied to several known threat actors, some of which operate under an affiliate model. These hacking groups function as organized criminal gangs to maximize ransom payouts.
“The most prolific ransomware gangs in 2024 (based on confirmed attacks) were RansomHub (89 confirmed attacks), LockBit (83), Medusa (62), and Play (57),” the researchers write. “However, the gang responsible for the most breached records is ALPHV/BlackCat (119.6M in total), and Dark Angels received the biggest payout ($75M).”
Ransomware is an extremely profitable criminal industry, and Comparitech expects to see these attacks continue for the foreseeable future.
“Based on 2024, it’s highly likely we’ll continue to see large-scale attacks that either cause widespread disruption to companies and/or see troves of data being stolen,” the researchers write. “What’s more, Clop’s recent Cleo exploit looks set to see a number of companies issuing breaches in the coming months (the gang threatened to release around 66 companies toward the end of 2024).”
Most ransomware attacks involve phishing or another form of social engineering as an initial access vector. New-school security awareness training can give your organization an essential layer of defense by enabling your employees to thwart social engineering attacks.
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Comparitech has the story.