Ransomware Remains a Leading Cyber Threat Despite RaaS Group Shakeups, GuidePoint Security Finds

Barchart · 10/17 04:56

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, announced today the release of GuidePoint Research and Intelligence Team’s (GRIT) new Ransomware and Cyber Threats Insight Report.

Ransomware and Cyber Threat Insights: The Rise of Ransomware’s Middle Class provides an in-depth look at the evolving ransomware ecosystem, the top tactics, techniques, and procedures threat actors are utilizing, and emerging cybercrime trends from Q3—including an uptick in the creative use of social engineering and an emerging Ransomware-as-a-Service (RaaS) “middle class.”

“While RaaS groups have made efforts to fill the power vacuum left by AlphV and LockBit, there is still a notable gap in the ransomware ecosystem,” said Grayson North, Senior Security Consultant, GRIT. “Groups are more loosely affiliated than before, which is correlating with a wider, more diverse spread of victims, slower attack tempos and a stabilizing growth volume of active ransomware groups.”

The Ransomware and Cyber Threats Insight Report also explores the access techniques behind the continued success of more established RaaS groups such Akira and RansomHub, how new law enforcement approaches are impacting threat actors and a surge of ransomware victims in countries with rising economies.

Key Highlights of the Report:

  • Ransomware remains a formidable threat facing organizations, with 49 active groups impacting more than 1,000 publicly posted victims in Q3 2024.
  • A strong “middle class” has emerged in the RaaS ecosystem following a myriad of shakeups from law enforcement disruption. This middle class is distributing ransomware victims across a greater number of diverse groups.
  • Threat actors are increasingly leveraging legitimate services and platforms to deliver targeted phishing messages. While the abuse of trusted notification services is not a new approach to delivering malware, GRIT has recently observed novel–and progressively sophisticated–delivery techniques.
  • The industries most impacted by ransomware in Q3 2024 were manufacturing, technology and healthcare, respectively. Manufacturing remains the most impacted industry by a substantial margin.
  • The United States accounted for over 50% of observed ransomware victims this quarter. The United Kingdom and Germany experienced a significant decline in observed attacks during the same period.

“Unfortunately, a stabilizing growth pace doesn’t translate to a massive decrease in ransomware attacks or make the attacks any less dangerous,” North added. “While the previously staggering growth of RaaS groups and attacks appears to have plateaued in recent months, ransomware remains a highly profitable endeavor for cybercriminals, and shows no indication of receding in 2024 or through 2025.”

The Ransomware and Cyber Threats Insight Report is based on data obtained from publicly available resources, including threat groups themselves, as well as threat analyst insights into the ransomware threat landscape.

For more information:

About GuidePoint Security

GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled 40% of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.