Tech News
Secureworks: Ransomware takedowns didn’t put off cyber criminals
The successful dismantling of the LockBit ransomware crew and the subsequent exposure of its key players have been widely discussed in the cyber security community over the past year. However, despite these efforts, cyber criminals seem undeterred, as indicated by Secureworks’ annual 2024 State of the Threat Report, which reveals a 30% increase in active ransomware groups using leak sites.
During the period from June 2023 to July 2024, 31 new ransomware actors entered the ecosystem, with LockBit accounting for 17% of ransomware listings. This percentage decreased by 8% due to the disruption caused by the UK’s National Crime Agency’s Operation Cronos assault.
Other prominent ransomware groups, such as BlackCat/ALPHV and Clop/Cl0p, have also experienced setbacks in the past year. On the other hand, Play and RansomHub have seen an increase in their activities, with the emergence of new groups like Qilin making their mark in high-profile attacks.
Don Smith, vice president of threat intelligence at Secureworks Counter Threat Unit (CTU), emphasized the evolving nature of the ransomware business model, with increased affiliate migration leading to a larger number of groups and added complexity for network defenders.
More gangs, fewer victims
Despite the rise in ransomware groups, victim numbers have not increased at a similar rate, possibly due to the fragmented landscape and affiliate movements within the ecosystem. The ransomware threat landscape has broadened, leading to a more diverse group of cyber criminals.
The past year has seen a decrease in median dwell times, indicating a shift towards faster and more aggressive attacks. As the ecosystem evolves, defenders can expect to encounter new attack methodologies, such as the use of AI and AitM attacks.
Ransomware gangs are increasingly using tactics like stealing credentials and session cookies to bypass authentication measures. The use of AI models for malicious purposes, such as manipulating search results to spread malware, is also a growing concern for defenders.
Smith highlighted the importance of reevaluating defensive strategies in light of these evolving threats, emphasizing that identity is the new perimeter in cybersecurity.
-
Destination4 months ago
Singapore Airlines CEO set to join board of Air India, BA News, BA
-
Tech News7 months ago
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
-
Motivation7 months ago
The Top 20 Motivational Instagram Accounts to Follow (2024)
-
Guides & Tips6 months ago
Satisfy Your Meat and BBQ Cravings While in Texas
-
Guides & Tips5 months ago
Have Unlimited Korean Food at MANY Unlimited Topokki!
-
Tech News6 months ago
Soccer team’s drone at center of Paris Olympics spying scandal
-
Gaming5 months ago
The Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
-
Self Development7 months ago
Don’t Waste Your Time in Anger, Regrets, Worries and Grudges