Ransomware remains one of the top cyber threats affecting industries, as seen in the DBIR 2024 report. It is still alarmingly prevalent, with 92% of the cataloged attacks. But how are these attacks commonly launched? Who is launching them? We're going to analyze new ransomware installs in 2024.
By doing so, organizations can come up with concrete cybersecurity awareness training plans that minimize the risk of their digital assets getting ransomed.
Let's take a look.
Unfortunately for just about everyone involved, ransomware is an ever-evolving threat. Be it the IT department, the top executives or even a junior employee, ransomware remains an equal opportunity offender.
It remains the top action variety in system intrusion incidents, comprising over 70% of these incidents.
Here's a breakdown of the top action varieties used to intrude systems in 2024:
The report observed the top action vectors being employed during system intrusion.
Most of the ransomware attempts happened via direct install. This refers to cyber criminals using their existing system access to install backdoors and malware.
Unsurprisingly, web applications also remain a preferred vector for installing ransomware, with attackers taking advantage of exploits.
Email also remains an extremely popular way of reaching users and of exploiting the opportunity afforded by desktop sharing software.
A look at the top action vectors:
Direct install - 60%
Web application - 53%
Email - 50%
Other - 27%
Desktop sharing software - 22%
Backdoor - 8%
Understanding the costs of ransomware is a complex undertaking. There are various primary and secondary costs as well as soft costs (such as reputational impacts) to consider.
Researchers agree that the easiest way to calculate ransomware cost is to capture the actual ransom amount.
According to datasets by the FBI, the median adjusted loss this year after law enforcement intervention was $46,000. To put this figure into perspective, this is a steep increase from last year’s number of $26,000. However, this year there was a 3% drop in the proportion of complaints with actual loss when compared to last year.
Another way to interpret the data is to measure ransom demands in proportion to total revenue. This year, the median demand was 1.34% of the victim organization’s total revenue, while 50% of the demands ranged between 0.13% and 8.30%. Within the top 10% of cases, there were a few that reached up to a startling 24% of total revenue.
Undoubtedly, ransomware continues to be a major cybersecurity thorn for governments, corporations and non-profits alike. It is only by training employees and other stakeholders that we can work towards keeping this threat at bay. Given the data above, security managers need to take note of how ransomware is installed in 2024 so that they can focus on the weakest link.
Only by investing in cybersecurity awareness training tools (preferably those that feature high user experience and engagement) can organizations help prevent systems from becoming hostages.
Note: This post is part of our extensive coverage of Verizon's Data Breach Investigations Report 2024, detailing the top cybersecurity threats faced by governmental, non-profit and corporate organizations.