A new report from Check Point Research shows that ransomware remains the top cyber threat, with RansomHub emerging as the fastest-growing group, operating through Ransomware-as-a-Service (RaaS).
As of September 2024, RansomHub accounted for 19 percent of all ransomware victims published in shame sites, marking a shift in the cybercriminal landscape. Meanwhile, Lockbit, once dominant, has seen a significant decline, responsible for only five percent of new victims, many of which are recycled from previous attacks.
“RansomHub’s rapid growth and advanced tactics like remote encryption are reshaping the ransomware landscape. It’s crucial that organisations adopt AI-powered and proactive threat prevention to stay ahead of these emerging threats,” says Sergey Shykevich, group manager, products — R&D at Check Point Software Technologies.
There’s also evidence of a moving away from traditional encryption tactics, the Meow ransomware now focuses on data theft and extortion, reflecting a broader trend towards non-encryption-based ransomware strategies.
Industrial manufacturing remains the sector most targeted by attacks at 22 percent, followed by education on 13 percent. Many manufacturers continue to rely on legacy systems crucial to their processes that lack the necessary security measures to defend against modern ransomware attacks.
Healthcare organizations also continue to be targeted — although they only account for three percent of attacks — despite some groups’ public statements against attacking such institutions. RansomHub attacked 10 healthcare institutions in September 2024. These attacks have included community clinics and surgical centers, showing that affiliates often don’t feel bound by these promises.
The majority of attacks are concentrated in North America, with 48 percent of all victims in September 2024 located in the United States. There have been some notable attacks in non-western nations too, September 2024, an Iranian company paid $3 million in ransom to prevent the release of sensitive banking data from 20 Iranian banks.
You can read more of the findings on the Check Point blog.
Image credit: lighthouse/depositphotos.com