New Research: Number of Successful Ransomware Attacks Rise 29% in a Just One Year

Cyber Insurance Increase Due to Ransomware New analysis of Q1’s ransomware attacks uncovers a single group responsible for the majority and discusses what makes them so successful.

This sort of analysis helps to establish threat landscape trends and keeps our collective focus on the places where cyber attacks are working.

According to CyberMax’s Q1 2024 Ransomware Research Report, Lockbit (a ransomware group we’ve covered before) continues to dominate the ransomware landscape, growing each quarter in successful campaigns:

LOCKBIT

Source: CyberMax

CyberMax attribute Lockbit’s success to a few factors:

Use of Initial Access Brokers – they note in the report how Lockbit affiliates leverage IABs to provide the needed access, allowing ransomware actors to focus on the infection, encryption, and exfiltration aspects of an attack
Improper configuration of external / public facing assets – We saw in the recent Coveware ransomware report a rise in the use of Remote Access Compromise as an initial threat vector in ransomware attacks, corroborating CyberMax’s findings
Exploiting unpatched vulnerabilities – Still a viable method, particularly for older operating systems and applications, threat actors leverage vulnerabilities that can be years old
Exploit poor security hygiene – insecure passwords, a lack of cyber vigilance, use of the same password on multiple systems, and more all add to the risk faced by an organization that can be easily taken advantage by threat actors
Phishing – it still remains the simplest and most direct way to gain access to credentials, SaaS applications, and systems

Keep in mind that IABs themselves leverage factors 2 through 5 to compromise credentials and access, making all of these doubly threatening. Unpatched vulnerabilities and improper asset configuration need to be addressed by security teams, while security hygiene and phishing can be addressed through continual new-school security awareness training.

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

Here's how it works: