Delinea, a leading provider of solutions that seamlessly extend Privileged Access Management (PAM), has released their annual “State of Ransomware” report, revealing an alarming increase in ransomware attacks and a shift in tactics used by cybercriminals. The report indicates that ransomware attacks are surging again, with cybercriminals employing new strategies that involve exfiltrating and leveraging sensitive data rather than simply encrypting systems and holding them for ransom.
The report, titled “State of Ransomware 2024: Anticipating the Battle and Strengthening Your Defenses,” is based on data from a Censuswide survey of over 300 US IT and Security decision-makers. The findings show that the number of organizations claiming to have been victims of ransomware in the past 12 months has more than doubled since last year, from 25% to 53%. Mid-sized companies are particularly vulnerable, with 65% stating they’ve been a ransomware victim in the past year. Furthermore, organizations are paying ransoms more frequently, with the percentage increasing to 76% from 68% the prior year.
One of the most striking findings is the change in cybercriminals’ tactics, motivations, and strategies. The survey revealed a significant surge in data exfiltration, with 64% of respondents reporting that cybercriminals are gaining control of a company’s network to download sensitive data to sell on the darknet. This tactic has become more popular than traditional money grabs, with only 34% citing financial gain as the main motivation, down from 69% the year before.
Rick Hanson, President at Delinea, emphasized the shifting landscape of ransomware attacks, stating that “Ransomware certainly appears to have reached a critical sea change – it’s no longer just about the quick and easy payout.” He noted that even as organizations are investing more in safety nets like cyber insurance, cybercriminals are finding that using stealth tactics to access sensitive, valuable information to sell is a more profitable use of their efforts.
In response to the change in cybercriminal tactics, organizations are also adjusting their security measures. The report found that cybercriminals are moving away from using email as a preferred attack vector and are now targeting cloud and compromised applications instead. By taking a more covert approach, attackers can remain undetected longer and gain continuous access to systems and data, enabling them to ramp up the damage when they choose.
Despite these emerging threats, organizations are taking steps to bolster their defenses. The report found that 91% have specific budget allocations for ransomware, up from 68% in 2022. However, only 61% said security budgets were allocated following an attack, suggesting that economic uncertainty or tighter budgets may be affecting response measures.
Joseph Carson, Advisory CISO and Chief Security Scientist at Delinea, stressed the need for a layered approach to security that mitigates the risk of unauthorized access, even when credentials are compromised. He also highlighted the critical role privileged access plays in overall cybersecurity postures.
Overall, the “State of Ransomware” report underscores the evolving nature of ransomware attacks and the need for organizations to adapt their security measures to counter these changing tactics. For organizations looking to learn more, the report is available for download at https://delinea.com/resources/ransomware-2024-research-report.
Delinea is a leading provider of Privileged Access Management (PAM) solutions for the modern, hybrid enterprise. The Delinea Platform seamlessly extends PAM by providing authorization for all identities, granting access to an organization’s most critical hybrid cloud infrastructure and sensitive data to help reduce risk, ensure compliance, and simplify security. Delinea aims to remove complexity and define the boundaries of access for thousands of customers worldwide. To learn more about Delinea, visit their LinkedIn, Twitter, and YouTube pages.