Skip to content
Home » Ransomware threats to small and medium-sized businesses will increase in the first half of 2024 – WithSecure releases Ransomware Threat Report

Ransomware threats to small and medium-sized businesses will increase in the first half of 2024 – WithSecure releases Ransomware Threat Report

with secure
Ransomware threats to small and medium-sized businesses will increase in the first half of 2024 – WithSecure releases Ransomware Threat Report
~ Ransomware industry adapts and evolves after law enforcement takedown of Lockbit ~
……
WizSecure has published a report, “Latest Ransomware Threat Report 2024 First Half Edition”, which summarizes insights on the situation and trends surrounding ransomware in the first half of 2024. The scale of the ransomware industry will peak in the second half of 2023, and its productivity will likely level off in 2024. However, the number of attacks and ransom payments in the first half of 2024 are on the rise compared to the same period in 2022 and 2023.
WithSecure (HQ: Helsinki, Finland, hereinafter referred to as WithSecure), a provider of advanced cybersecurity technology, has published a report, “Latest Ransomware Threat Report 2024”, which summarizes insights on the ransomware landscape and trends in the first half of 2024. The first half edition has been published. The scale of the ransomware industry will peak in the second half of 2023, and its productivity will likely level off in 2024. However, the number of attacks and ransom payments in the first half of 2024 are on the rise compared to the same period in 2022 and 2023.
Below are some of the insights covered in this report:
The number of victims listed on ransomware leak sites in the first half of 2024 was 2,568. By region, America ranked first with 1,332 cases (52%). The next place was Europe with 644 cases (25.1%). In Japan, there were 21 cases, accounting for 0.8%.
In terms of damage by sector, engineering/manufacturing ranked first at 20.59%, more than doubling the second place real
estate/construction (9.02%).
By company size, victims are small organizations (200 employees or less), increasing from 50% in 2022 to 61% in 2024.
[Imaged1340-386-503466f40f7cec9205b5-0.jpg&s3=1340-386-88b23756ceab1c3f6440f418f5df09a4-1946x973.jpg
(Figure: Distribution of ransomware damage by region)
Tim West, Head of Threat Intelligence at WithSecure, has this to say about the trends for the first half of 2024:
“While the takedown of Lockbit by law enforcement in February 2024 played a significant role in thwarting the activities of major ransomware groups, the long-term impact of the takedown remains uncertain and the Ware groups are adapting and evolving. We believe Lockbit is almost certainly in a rebuilding phase as it seeks to return with a stronger operational structure. Masu.”
This report examines the architecture of ransomware groups and highlights the increasing competition among them to attract affiliates to their fold. After law enforcement took action against Lockbit and ALPHV, “nomadic” affiliates have moved on to other groups. West describes this situation:
“In the ALPHV exit scam, ALPHAV did not pay the affiliates the compensation they were supposed to earn. As a result, trust within the cybercrime community has significantly decreased. The balance of power within the ransomware ecosystem has become even more complex.” Notable trends identified in this report include increased adoption of initial access by exploiting edge services, as noted in previous WithSecure research this year, and ransomware groups using legitimate remote These include frequent use of administrative tools. Data also shows that a significant percentage of organizations that paid ransoms were subsequently targeted again by the same or different ransomware groups, highlighting the persistent problem of reinfection. We were able to obtain data that shows that the targets of attacks are beginning to shift from large companies to small and medium-sized enterprises. West concludes with this comment on the rise in attacks on small and medium-sized businesses:
“From 2022 onward, small and medium-sized businesses will account for a larger proportion of companies listed on ransomware leak sites.The rate of ransom payments will decline, and the amount paid per ransom will become smaller. However, the number of threats is increasing in order for attack groups to maintain their overall profits. Unlike large companies, many small and medium-sized enterprises do not have cyber insurance, and even if the ransom amount is small, It’s an easy target for attackers.”
The full text of the Latest Ransomware Threat Report 2024 H1 Edition (Japanese) can be found on the following page:
https://www.withsecure.com/content/dam/with-secure/ja/resources/202409_WithSecure_Ransomware_Landscape_JP_Light.pdf With Secure Website:
https://www.withsecure.com/jp-ja/
With Secure Press Page:
https://www.withsecure.com/jp-ja/whats-new/pressroom
About WithSecure(TM)
WithSecure is the cybersecurity partner of choice for many European companies. We are trusted by IT service providers, MSSPs, and customer organizations around the world to provide outcome-based cybersecurity solutions that protect small and medium-sized businesses. WithSecure complies with European data protection regulations and is focused on privacy, data sovereignty, and compliance.
With over 35 years of experience, we have a portfolio to help companies shift their paradigm from passive/conservative cybersecurity measures to proactive/advanced approaches. WithSecure offers a flexible commercial model based on a commitment to collaborative growth with our partners, ensuring mutual success in the dynamic world of cybersecurity.
At the heart of WithSecure’s cutting-edge portfolio is Elements Cloud, which seamlessly integrates AI-powered technology, human expertise, and co-security services. In addition, modular features across endpoint and cloud protection, threat detection and response, and exposure management strengthen SMB users’ security posture.
Established in 1988, WizSecure is headquartered in Helsinki, Finland, and its Japanese subsidiary, WizSecure Co., Ltd., is located in Minato-ku, Tokyo. It is also listed on NASDAQ Helsinki. For more information, please visit www.withsecure.com. We also disseminate information on the X (formerly Twitter) account @WithSecure_JP https://twitter.com/WithSecure_JP.
More details about this release:
https://prtimes.jp/main/html/rd/p/000000386.000001340.html