- Blackfog says ransomware rose significantly in 2024
- Two groups stood out in particular – Lockbit and Ransomhub
- Infections rose across industries in spite of increased attention
2024 was a record-breaking year for ransomware attacks, with more groups, more malware variants and higher payouts than ever before, new research has said.
CyberSecurity – Scientists Blackfog found compared to 2023, there were 65% more groups discovered in 2024R – 48 in total. A significant number of these – 44 new variants – were responsible for almost a third (32%) of all non -unwinded attacks by 2024.
In the last two months of the year, threat actors, first emerging in 2024, drew more than half the attacks in each month.
Lockbit and Ransomhub
When it comes to revealed attacks, the majority went to healthcare, government and educational verticals. These three took almost half (47%) of all reports for the year. Attacks on healthcare increased by 20%year to year, on the government 15%and on education 10%. However, there were also industries reporting significant increases, including retail (96%), services (88%) and financing (66%).
For non -reveled attacks, the three best industries (17.6%), services (12.2%) and technology (9.7%) produced.
Two groups stood out as particularly dangerous – Lockbit and Ransomhub. The former is one of the most prominent threat actors in recent years, and by 2024 it targeted 603. In May 2024 alone, the group launched almost 200 attacks, taking a significant part (36%) of all attacks reported that month.
Ransomhub, on the other hand, did not make much. Despite being introduced only in February 2024, it succeeded in influencing 586 victims, including government units and 78 organizations in the global manufacturing sector.
Blackfog also said the Medusa group was worth mentioning, even though it accounted for “just” 5% of all revealed events for the year, as it was known for demanding huge fees, often over $ 40 million.
“The report shows that 2024 was a landmark year of organizations facing growing financial and reputation damage from ransomware attacks, with high-value sectors, which were especially pressed to pay ransom to restore operations,” Dr. Darren Williams, founder and CEO of Blackfog.
“As cyber criminals continuously fine -tune their techniques to exploit vulnerabilities and launch major attacks, defending against ransomware becomes increasingly complicated. Governments are increasing efforts to address this growing threat and introduce new measures such as mandatory ransomware -event reporting. However, the global ransomware crisis continues to escalate at an alarming speed. In this evolving pacifier landscape, proactive and preventative strategies for mitigating ransomware and data -exfiltration have never been more crucial. ”
