- BlackFog says ransomware rose significantly in 2024
- Two groups particularly stood out - LockBit and RansomHub
- Infections increased across industries, despite increased awareness
2024 was a record-breaking year for ransomware attacks, with more groups, more malware variants, and higher payouts than ever before, new research has said.
Cybersecurity researchers BlackFog found compared to 2023, there were 65% more groups detected in 2024r - 48 in total. A significant number of these - 44 new variants - were responsible for almost a third (32%) of all undisclosed attacks in 2024.
In the last two months of the year, threat actors that first emerged in 2024 accounted for more than half of the attacks in each month.
LockBit and RansomHub
When it comes to disclosed attacks, the majority went to healthcare, government, and education verticals. These three took up almost half (47%) of all reports for the year. Attacks on healthcare increased by 20% year-on-year, on government 15%, and on education 10%. However, percentage-wise, there were industries who reported significant rises, as well, including retail (96%), services (88%), and finance (66%).
For undisclosed attacks, the top three industries were manufacturing (17.6%), services (12.2%) and technology (9.7%).
Two groups stood out as particularly dangerous - LockBit and RansomHub. The former is one of the most prominent threat actors in recent years, and in 2024, it targeted 603 victims. In May 2024 alone, the group launched almost 200 attacks, taking up a significant portion (36%) of all attacks reported that month.
RansomHub, on the other hand, did not lag much. Despite only being introduced in February 2024, it managed to affect 586 victims, including government entities and 78 organizations in the global manufacturing sector.
BlackFog also said the Medusa group was worth mentioning, even though it accounted for “just” 5% of all disclosed incidents for the year, as it was known for demanding enormous fees, often exceeding $40 million.
“The report shows 2024 was a landmark year with organizations facing growing financial and reputational damage from ransomware attacks, with high-value sectors particularly pressured to pay ransoms to restore operations,” said Dr. Darren Williams, Founder and CEO of BlackFog.
“As cybercriminals continuously refine their techniques to exploit vulnerabilities and launch large-scale attacks, defending against ransomware is becoming increasingly complex. Governments are stepping up efforts to counter this growing threat, introducing new measures such as mandatory ransomware incident reporting. However, the global ransomware crisis continues to escalate at an alarming rate. In this evolving threat landscape, proactive and preventative strategies to mitigate ransomware and data exfiltration have never been more crucial.”
You might also like
- US, UK crack down on Russian bulletproof hosting service ZServers for LockBit partnership
- We've rounded up the best password managers
- Take a look at our guide to the best authenticator app
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.