Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    New Research: Number of Successful Ransomware Attacks Rise 29% in a Just One Year

    Cyber Insurance Increase Due to RansomwareNew analysis of Q1’s ransomware attacks uncovers a single group responsible for the majority and discusses what makes them so successful.

    This sort of analysis helps to establish threat landscape trends and keeps our collective focus on the places where cyber attacks are working.

    According to CyberMax’s Q1 2024 Ransomware Research Report, Lockbit (a ransomware group we’ve covered before) continues to dominate the ransomware landscape, growing each quarter in successful campaigns:

    LOCKBIT

    Source: CyberMax

    CyberMax attribute Lockbit’s success to a few factors:

    • Use of Initial Access Brokers – they note in the report how Lockbit affiliates leverage IABs to provide the needed access, allowing ransomware actors to focus on the infection, encryption, and exfiltration aspects of an attack
    • Improper configuration of external / public facing assets – We saw in the recent Coveware ransomware report a rise in the use of Remote Access Compromise as an initial threat vector in ransomware attacks, corroborating CyberMax’s findings
    • Exploiting unpatched vulnerabilities – Still a viable method, particularly for older operating systems and applications, threat actors leverage vulnerabilities that can be years old
    • Exploit poor security hygiene – insecure passwords, a lack of cyber vigilance, use of the same password on multiple systems, and more all add to the risk faced by an organization that can be easily taken advantage by threat actors
    • Phishing – it still remains the simplest and most direct way to gain access to credentials, SaaS applications, and systems

    Keep in mind that IABs themselves leverage factors 2 through 5 to compromise credentials and access, making all of these doubly threatening. Unpatched vulnerabilities and improper asset configuration need to be addressed by security teams, while security hygiene and phishing can be addressed through continual new-school security awareness training.

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

     

    Return To KnowBe4 Security Blog

    RanSim

    Free downloadable software tool

    Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

    RanSim gives you a quick look at the effectiveness of your existing network protection. RanSim will test 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

    RansIm-Monitor3Here's how it works:

    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 25 types of infection scenarios
    • Just download the installer and run it
    • Results in a few minutes!

    Get RanSim!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/ransim

    Topics: Security Awareness Training, Ransomware, Security Culture

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews