Delinea, a prominent provider of solutions seamlessly extending Privileged Access Management (PAM), has released its annual “State of Ransomware” report today. The report indicates a resurgence in ransomware attacks, with cybercriminals adopting a new strategy. Instead of the traditional method of crippling and holding companies hostage, they are now employing stealth techniques to exfiltrate private and sensitive data. Subsequently, these cybercriminals often threaten to sell the data on the darknet or leverage it to secure significant cyber insurance payments.
Titled “State of Ransomware 2024: Anticipating the Battle and Strengthening Your Defenses,” the report analyzed data from a Censuswide survey of over 300 US IT and Security decision-makers. It aimed to identify substantial changes compared to the previous year’s report and uncover potential new trends. The key findings indicate a notable increase in ransomware incidents, with the percentage of organizations claiming to be victims rising from 25% to 53% in the past 12 months. Mid-sized companies, in particular, reported being targeted the most, with 65% stating they fell victim to ransomware during the same period.
The report also highlights a rise in the frequency of ransom payments, increasing from 68% to 76% compared to the previous year. Notably, the motivations, strategies, and tactics of cybercriminals are evolving, with data exfiltration witnessing a significant surge of 39%. This has become a preferred goal for attackers who aim to gain control of a company’s network to download sensitive data for sale on the darknet. Interestingly, traditional motivations centered around monetary gains have declined, indicating a shift in cybercriminal priorities.
Rick Hanson, President at Delinea, notes, “Ransomware has undergone a critical sea change; it’s no longer just about the quick and easy payout. Cybercriminals are now investing efforts in stealth tactics to access valuable information, realizing it to be a more lucrative endeavor.”
As cybercriminal goals evolve, their tactics have also shifted away from email as a preferred attack vector, decreasing from 52% to 37%. Instead, they are targeting the cloud (44%) and compromised applications (39%). This covert approach allows attackers to remain undetected longer, gaining continuous access to systems and data to maximize damage.
The report reveals contrasting trends in organizations’ measures against ransomware. While 91% allocate specific budgets for ransomware, up from 68% in 2022, only 61% allocate security budgets following an attack, possibly due to economic uncertainty or tighter budgets. Despite the belief that increased spending on critical areas like Privileged Access Management (28%, up from 16%) could enhance defenses, respondents seem uncertain about how such spending would improve security.
Joseph Carson, Advisory CISO and Chief Security Scientist at Delinea, emphasizes the need for a layered approach to security to mitigate the risk of unauthorized access, even in the event of compromised credentials. He underscores the critical role privileged access plays in overall cybersecurity postures.
In a positive development, 76% of respondents report that their leadership is now concerned about ransomware, although this concern may have arisen only after an actual attack.
