New evaluation of Q1’s ransomware assaults uncovers a single group accountable for almost all and discusses what makes them so profitable.
This form of evaluation helps to ascertain risk panorama developments and retains our collective deal with the locations the place cyber assaults are working.
Based on CyberMax’s Q1 2024 Ransomware Analysis Report, Lockbit (a ransomware group we’ve coated earlier than) continues to dominate the ransomware panorama, rising every quarter in profitable campaigns:
Supply: CyberMax
CyberMax attribute Lockbit’s success to some elements:
- Use of Preliminary Entry Brokers – they observe within the report how Lockbit associates leverage IABs to supply the wanted entry, permitting ransomware actors to deal with the an infection, encryption, and exfiltration elements of an assault
- Improper configuration of exterior / public going through belongings – We noticed within the latest Coveware ransomware report an increase in the usage of Distant Entry Compromise as an preliminary risk vector in ransomware assaults, corroborating CyberMax’s findings
- Exploiting unpatched vulnerabilities – Nonetheless a viable methodology, notably for older working techniques and purposes, risk actors leverage vulnerabilities that may be years previous
- Exploit poor safety hygiene – insecure passwords, an absence of cyber vigilance, use of the identical password on a number of techniques, and extra all add to the chance confronted by a corporation that may be simply taken benefit by risk actors
- Phishing – it nonetheless stays the best and most direct technique to achieve entry to credentials, SaaS purposes, and techniques
Remember the fact that IABs themselves leverage elements 2 by way of 5 to compromise credentials and entry, making all of those doubly threatening. Unpatched vulnerabilities and improper asset configuration have to be addressed by safety groups, whereas safety hygiene and phishing will be addressed by way of continuous new-school safety consciousness coaching.
KnowBe4 empowers your workforce to make smarter safety choices day-after-day. Over 65,000 organizations worldwide belief the KnowBe4 platform to strengthen their safety tradition and cut back human threat.
