Ransomware attacks double in Q2

Criminal groups change strategies to maximise impact.

  • Friday, 16th August 2024 Posted 3 months ago in by Phil Alsop

Dragos has revealed that ransomware incidents almost doubled in the second quarter of 2024 compared to the first quarter, indicating a significant resurgence of the ransomware threat.

The threat intelligence team at Dragos analysed ransomware data from various sources, including public reports and dark websites, to provide insights into the trends, patterns, and observations of ransomware activity targeting industrial sectors.

They found that the industrial sector remains a prime target for criminal groups due to the critical nature of its operations and the potentially high impact of disruptions. Ransomware's impact on industrial organisations has also increased, with ransomware groups focusing on high-impact operators to maximize their profits.

Some key developments this quarter include:

The number of ransomware incidents almost doubled in the second quarter compared to the first quarter, with 312 observed incidents globally.

Ransomware groups demonstrated significant resilience and adaptability, with some groups rebranding and others emerging with new tactics and techniques.

The manufacturing sector was the most affected, with 210 observed incidents, accounting for approximately 67 percent of all ransomware incidents.

The Lockbit group was behind most attacks against industrial organizations, with approximately 21 percent (or 66 incidents) of observed ransomware events.

Approximately 26 percent of global ransomware incidents (82 in total) impacted Europe.

Among the 86 ransomware groups known for targeting industrial organizations, 29 remained active in the second quarter compared to 22 ransomware groups in the first quarter of 2024. However, the second quarter saw a resurgence with several rebranded groups and new entrants in the ransomware landscape. Groups such as BlackSuit (formerly Royal ransomware) and RansomHub (previously Knight ransomware) have shown notable activity, leveraging sophisticated tactics and techniques to enhance their operations.

The team at Dragos also provided recommendations for industrial organisations to enhance their cybersecurity posture and mitigate the risk of ransomware attacks, such as implementing the five critical controls recommended by the SANS Institute.

The promise of AI is on every biopharma’s radar, but the reality today is that much of the industry is grappling with how to convert the hype into...
IT teams urged to resolve ‘data delays’ as UK executives struggle to access and use relevant business data.

‘Playtime is over’ for GenAI

Posted 5 days ago by Phil Alsop
NTT DATA research shows organizations shifting from experiments to investments that drive performance.

GenAI not production-ready?

Posted 5 days ago by Phil Alsop
Architectural challenges are holding UK organisations back - with just 24% citing having sufficient governance to implement GenAI.

AI tops decision-makers' priorities

Posted 5 days ago by Phil Alsop
Skillsoft has released its 2024 IT Skills and Salary Report. Based on insights from more than 5,100 global IT decision-makers and professionals, the...

The state of cloud ransomware in 2024

Posted 5 days ago by Phil Alsop
Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security realm.
Talent and training partner, mthree, which supports major global tech, banking, and business clients to build job-ready teams, has revealed the...

AI innovation is powering the Net Zero transition

Posted 5 days ago by Phil Alsop
Whilst overall AI patent filings have slowed, green AI patent publications grew 35% in 2023.