Human kite and5/14/2024 This is a startling number considering the profound impact caused by ransomware-related business disruptions and theft of patient health information (PHI), as evidenced by recent news of the $1.6 billion hit to United Health in the wake of the Change Healthcare attack. As an example, healthcare jumped to the third most targeted industry with 273 victims. While previous years saw a focus on resource-rich organizations, ransomware groups are more frequently targeting organizations that offer critical human services and smaller companies with revenue under $20 million (nearly 1200 victims). The report offers a detailed analysis of victims and cybercriminals’ approaches to profiling and targeting. Data also indicates that ransomware affiliates may work with multiple RaaS providers, leading to multiple payloads from different groups in a single environment. These attacks are happening in quicker succession - sometimes with mere days between attacks - indicating the ransomware groups are monitoring other groups’ activity so they can strike while a victim is still weak. More than 100 companies were victimized by two groups and several were victimized by three groups. The Black Kitre report reveals that 9 of the top 15 most active groups are new entrants to the market.ĭata indicates not just escalation but also acceleration of attacks, signaling the evolution and increasing aggressiveness of ransomware players. Emerging groups, such as Akira and 8base, are quickly climbing in power and authority. The report discusses the rise and fall of established players like LockBit and how data supports a dynamic, thriving industry with multi-affiliate collaboration and bidding wars for affiliates. The report provides insight into talent acquisition and revenue structures - with operators typically retaining 20-30% and affiliates taking the lion’s share of revenue. Ransomware as a business and its emerging leaders This shift underscores the volatility within these illicit networks while highlighting the critical cybersecurity challenges organizations around the world face every day in threat detection and mitigation.” It merely caused them to refocus and realign, and in some cases join forces with other affiliated groups. “Law enforcement’s dismantling of notorious groups like AlphV has not discouraged operations. The sophistication of these groups rivals that of any Silicon Valley tech startup,” said Ferhat Dikbiyik, chief research and intelligence officer, Black Kite. “We are seeing an unrelenting surge in ransomware attacks in a world where cyber adversaries function like shadow enterprises. The report - which offers analysis of more than 130 ransomware groups, their activities and their victims over a one-year period - sheds light on cybercriminals’ evolving tactics, their operations and the profound impact ransomware attacks have on victims worldwide. The research by Black Kite’s BRITE group offers an unprecedented deep dive into the sophistication and interconnectedness of the ransomware ecosystem, breaking down the corporate-like structure of these cybercrime actors.
0 Comments
Leave a Reply. |