Man
Professional
- Messages
- 3,222
- Reaction score
- 808
- Points
- 113
Experienced players lose ground, giving way to unexpected competitors.
In 2024, the number of active ransomware groups increased by 30%, which is confirmed by Secureworks' annual report published on October 8th. The report notes that over the past 12 months, 31 new groups have appeared in the cyber threat arena. At the same time, the three most active ransomware gangs were headed by LockBit, PLAY and RansomHub.
The undisputed leader among ransomware, the LockBit group, is responsible for 17% of all attacks, although its activity has decreased by 8% compared to last year. At the same time, the PLAY ransomware gang doubled the number of attacks, and the newly emerged RansomHub quickly entered the top three, with a 7% market share.
The growing level of cybercrime is indicative of the fragmentation of the previously monopolized ransomware ecosystem. Small groups are looking to gain a foothold in the market, which makes it difficult to protect companies as the variety of tactics increases. On average, attackers spend about 28 hours on the victim's network, but some attacks can take both a few hours and long days.
According to the report, the number of attacks related to session theft through the man-in-the-middle (AiTM) technique has also increased. These attacks pose a serious threat because they can bypass some multi-factor authentication methods. In addition, criminals are actively using artificial intelligence to improve phishing attacks and create malware.
The report highlights that criminals continue to master new technologies, and cyberattacks are increasingly supported by government entities from China, Iran and North Korea. These countries use cyberspace to achieve their geopolitical goals, as well as to spy and sabotage on behalf of their governments.
Source
In 2024, the number of active ransomware groups increased by 30%, which is confirmed by Secureworks' annual report published on October 8th. The report notes that over the past 12 months, 31 new groups have appeared in the cyber threat arena. At the same time, the three most active ransomware gangs were headed by LockBit, PLAY and RansomHub.
The undisputed leader among ransomware, the LockBit group, is responsible for 17% of all attacks, although its activity has decreased by 8% compared to last year. At the same time, the PLAY ransomware gang doubled the number of attacks, and the newly emerged RansomHub quickly entered the top three, with a 7% market share.
The growing level of cybercrime is indicative of the fragmentation of the previously monopolized ransomware ecosystem. Small groups are looking to gain a foothold in the market, which makes it difficult to protect companies as the variety of tactics increases. On average, attackers spend about 28 hours on the victim's network, but some attacks can take both a few hours and long days.
According to the report, the number of attacks related to session theft through the man-in-the-middle (AiTM) technique has also increased. These attacks pose a serious threat because they can bypass some multi-factor authentication methods. In addition, criminals are actively using artificial intelligence to improve phishing attacks and create malware.
The report highlights that criminals continue to master new technologies, and cyberattacks are increasingly supported by government entities from China, Iran and North Korea. These countries use cyberspace to achieve their geopolitical goals, as well as to spy and sabotage on behalf of their governments.
Source
