Tech News
Secureworks: Ransomware takedowns didn’t put off cyber criminals
The successful dismantling of the LockBit ransomware crew and the subsequent exposure of its key players have been widely discussed in the cyber security community over the past year. However, despite these efforts, cyber criminals seem undeterred, as indicated by Secureworks’ annual 2024 State of the Threat Report, which reveals a 30% increase in active ransomware groups using leak sites.
During the period from June 2023 to July 2024, 31 new ransomware actors entered the ecosystem, with LockBit accounting for 17% of ransomware listings. This percentage decreased by 8% due to the disruption caused by the UK’s National Crime Agency’s Operation Cronos assault.
Other prominent ransomware groups, such as BlackCat/ALPHV and Clop/Cl0p, have also experienced setbacks in the past year. On the other hand, Play and RansomHub have seen an increase in their activities, with the emergence of new groups like Qilin making their mark in high-profile attacks.
Don Smith, vice president of threat intelligence at Secureworks Counter Threat Unit (CTU), emphasized the evolving nature of the ransomware business model, with increased affiliate migration leading to a larger number of groups and added complexity for network defenders.
More gangs, fewer victims
Despite the rise in ransomware groups, victim numbers have not increased at a similar rate, possibly due to the fragmented landscape and affiliate movements within the ecosystem. The ransomware threat landscape has broadened, leading to a more diverse group of cyber criminals.
The past year has seen a decrease in median dwell times, indicating a shift towards faster and more aggressive attacks. As the ecosystem evolves, defenders can expect to encounter new attack methodologies, such as the use of AI and AitM attacks.
Ransomware gangs are increasingly using tactics like stealing credentials and session cookies to bypass authentication measures. The use of AI models for malicious purposes, such as manipulating search results to spread malware, is also a growing concern for defenders.
Smith highlighted the importance of reevaluating defensive strategies in light of these evolving threats, emphasizing that identity is the new perimeter in cybersecurity.
-
Motivation4 months ago
The Top 20 Motivational Instagram Accounts to Follow (2024)
-
Tech News4 months ago
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
-
Self Development4 months ago
Don’t Waste Your Time in Anger, Regrets, Worries and Grudges
-
Destination4 months ago
Our new fixed tours are your ultimate Aussie & Kiwi adventure!
-
Activities4 months ago
Family Holiday Checklist | What To Pack Family Holiday
-
Destination4 months ago
Turkish Airlines carries 7.2 mn passengers in May, launches new sustainability brand, BA
-
Gaming4 months ago
Concord price, beta, preorder details for PS5 and PC confirmed
-
Breaking News4 months ago
Democrats and allies to flood airwaves, drop more than $125M on abortion push