GuidePoint Security, a prominent cybersecurity solutions provider, recently unveiled their most recent report titled Ransomware and Cyber Threat Insights: The Rise of Ransomware’s Middle Class. This report delves into the evolving ransomware ecosystem, the tactics utilized by threat actors, and emerging cybercrime trends. Some key findings from the report include the following:

1. Ransomware continues to pose a significant threat to organizations, with 49 active groups impacting over 1,000 publicly identified victims in the third quarter of 2024.

2. A “middle class” within the Ransomware-as-a-Service (RaaS) ecosystem has emerged as a result of various disruptions caused by law enforcement. This middle class is responsible for distributing ransomware victims across a wider range of diverse groups.

3. Threat actors are increasingly using legitimate services and platforms to deliver targeted phishing messages. While the misuse of reputable notification services for spreading malware is not a new strategy, the GuidePoint Research and Intelligence Team (GRIT) has noted innovative and increasingly sophisticated delivery methods.

4. The sectors most affected by ransomware in the third quarter of 2024 were manufacturing, technology, and healthcare, in that order, with manufacturing being the most heavily impacted industry by a significant margin.

5. The United States accounted for more than half of the ransomware victims identified in this quarter. Conversely, the United Kingdom and Germany experienced a notable decrease in observed attacks during the same period.

Grayson North, Senior Security Consultant at GRIT, remarked, “While RaaS groups have attempted to fill the void left by AlphV and LockBit, there remains a noticeable gap in the ransomware ecosystem. Groups are now less tightly connected, leading to a broader distribution of victims, slower attack rates, and a steady increase in the number of active ransomware groups.”

The Ransomware and Cyber Threats Insight Report also examines the access methods that contribute to the sustained success of well-established RaaS groups like Akira and RansomHub, the impact of new law enforcement strategies on threat actors, and the surge of ransomware victims in countries with growing economies.

North cautioned, “Despite a stabilization in the rate of growth, ransomware attacks continue to pose a significant threat. The profitability of ransomware for cybercriminals remains high, and there are no signs of a decline in attacks for 2024 or beyond.”

This report is based on data sourced from public outlets, including threat groups themselves, along with insights from threat analysts. To access the report, interested individuals can click here to download it.

In summary, ransomware remains a pressing concern for organizations across various industries, and the tactics employed by threat actors continue to evolve. As cybersecurity experts strive to stay ahead of these threats, it is crucial for businesses to bolster their defenses and remain vigilant in the face of this persistent cybersecurity challenge.

Lidhja e burimit