New Research: Number of Successful Ransomware Attacks Rise 29% in a Just One Year

Stu Sjouwerman | May 14, 2024

Cyber Insurance Increase Due to RansomwareNew analysis of Q1’s ransomware attacks uncovers a single group responsible for the majority and discusses what makes them so successful.

This sort of analysis helps to establish threat landscape trends and keeps our collective focus on the places where cyber attacks are working.

According to CyberMax’s Q1 2024 Ransomware Research Report, Lockbit (a ransomware group we’ve covered before) continues to dominate the ransomware landscape, growing each quarter in successful campaigns:

LOCKBIT

Source: CyberMax

CyberMax attribute Lockbit’s success to a few factors:

  • Use of Initial Access Brokers – they note in the report how Lockbit affiliates leverage IABs to provide the needed access, allowing ransomware actors to focus on the infection, encryption, and exfiltration aspects of an attack
  • Improper configuration of external / public facing assets – We saw in the recent Coveware ransomware report a rise in the use of Remote Access Compromise as an initial threat vector in ransomware attacks, corroborating CyberMax’s findings
  • Exploiting unpatched vulnerabilities – Still a viable method, particularly for older operating systems and applications, threat actors leverage vulnerabilities that can be years old
  • Exploit poor security hygiene – insecure passwords, a lack of cyber vigilance, use of the same password on multiple systems, and more all add to the risk faced by an organization that can be easily taken advantage by threat actors
  • Phishing – it still remains the simplest and most direct way to gain access to credentials, SaaS applications, and systems

Keep in mind that IABs themselves leverage factors 2 through 5 to compromise credentials and access, making all of these doubly threatening. Unpatched vulnerabilities and improper asset configuration need to be addressed by security teams, while security hygiene and phishing can be addressed through continual new-school security awareness training.

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.