New analysis from Symantec has revealed a significant increase in the number of ransomware attacks in the second quarter of 2024.
The company's figures said criminal groups claimed 1,310 attacks during the period, a 36% increase from the previous quarter and close to the all-time high of 1,488 attacks recorded in Q3 2023.
“The sharp increase in attacks in the second quarter of this year suggests that attackers have regained momentum,” the report states. “While high-profile ransomware operations such as Noberus have been shut down, the pool of trained affiliates appears to be unchanged, with many appearing to simply migrate to alternative franchises.”
A new wave, with some old names
Symantec’s report suggests that the outage of Lockbit, the largest ransomware-as-a-service (RaaS) provider earlier this year, led to a dramatic decline in ransomware attacks during the first quarter of 2024, but the latest reports show that cybercriminals have recovered. Lockbit’s operations in the second quarter of 2024 accounted for 353 attacks, the highest level detected to date.
New groups like Qilin proved more prolific following the Lockbit takedown, claiming 97 attacks in Q2 2024, a 47% increase. The Ransomhub group tripled its attacks from Q1 to Q2, perhaps showing that the Lockbit outage simply diversified the landscape rather than crippling operations.
Ransomware payments have also become more expensive in recent years, with the average demand being $1.5 million. As cybersecurity inevitably becomes more important for organizations, understanding and mitigating the risks of ransomware is crucial for any business.
