Ransomware attacks surged in 2024 as hackers looked to strike faster than ever

News
By published

Ransomware-as-a-service is lowering the barrier for entry

Ransomware attack on a computer
(Image credit: Kaspersky)
  • Ransomware attacks increased fourfold in 2024, Barracuda report claims
  • The rise was made possible by increase in RaaS providers
  • The attacks have also gotten faster, report says

Ransomware attacks increased four-fold in the span of a year, likely driven by the increase in ransomware-as-a-service (RaaS) offerings, new research has claimed.

A new in-depth analysis published by cybersecurity researchers from the Barracuda Managed XDR team analyzed 11 trillion IT events logged to identify potential risks. A million indeed were malicious, and of those - 16,812 were confirmed attacks that required immediate defensive action.

While most attack types (DDoS, malware, phishing, etc.) were largely stable compared to previous years, and spread relatively evenly across months, ransomware stands out. According to the findings, the number of these attacks increased fourfold over 2024. Although they cannot be absolutely certain, the researchers believe the rise is driven by the prevalence of ransomware-as-a-service offerings.

Speeding up

“The developers behind RaaS platforms often have the time, resources, and skills to invest heavily in advanced and evasive toolsets and templates,” it was said in the report. “The RaaS operational model also extends the pool of attackers deploying ransomware, bringing it within reach of anyone willing to lease and leverage the kits.”

Another notable finding is that cyberattacks are getting faster. Barracuda’s researchers said that advances in security tools and strategies allow security pros to detect attacks more easily, and remove them from the network faster. In response, the attackers accelerated their attacks, increasing risks, as well.

All this means it’s never been this important for organizations to implement effective and comprehensive security, Barracuda concludes.

That includes robust multi-factor authentication, different access controls, and a “solid approach” to patch management and data protection. To round it all off, businesses should regularly train their employees in cybersecurity awareness.

“Attackers will exploit every security gap they find to further their attacks,” Barracuda concludes. Businesses should respond with a “comprehensive XDR solution” that integrates network, endpoint, server, cloud, and email security.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.