New analysis from Symantec shows that ransomware attacks increased significantly in the second quarter of 2024.
The company numbers According to criminal groups, 1,310 attacks were reported during that period, a 36% increase from the previous quarter and close to the record number of 1,488 attacks registered in the third quarter of 2023.
“The sharp increase in attacks in the second quarter of this year suggests that the momentum is back with the attackers,” the report said. “While high-profile ransomware operations like Noberus have been shut down, the pool of skilled affiliates appears unaffected, with many simply migrating to alternative franchises.”
A new wave – with some old names
Symantec’s report suggests that the disruption of Lockbit, the largest ransomware as a service (RaaS) provider, earlier this year led to a dramatic decline in ransomware attacks in the first quarter of 2024, but the latest reports show cybercriminals have returned. Lockbit activity in Q2 2024 accounted for 353 attacks, the highest level detected to date.
New groups like Qilin proved to be more prolific following the Lockbit takedown, with 97 attacks in Q2 of 2024, which was a 47% increase. The Ransomhub group tripled its attacks from Q1 to Q2, perhaps proving that the Lockbit disruption simply diversified the landscape rather than crippling activity.
Ransomware payments have also become more expensive in recent years, with an average demand of $1.5 million. As cybersecurity inevitably becomes more central to organizations, it is crucial for every business to understand and mitigate the risks of ransomware.