There is escalating threat posed by ransomware attacks globally, Palo Alto Networks said in its analysis.
The investigation conducted by Unit 42 delved into 3,998 leak site posts originating from various ransomware groups. These leak sites serve as platforms where cybercriminals publicly disclose stolen data, leveraging it as leverage to extort ransom payments from victims.
Key revelations from the report titled the “Ransomware Retrospective 2024: Unit 42 Leak Site Analysis and Incident Response Report 2024” indicate a staggering 49 percent increase in multi-extortion ransomware attacks globally, spanning from 2022 to 2023. Particularly alarming is the targeting of India’s manufacturing sector, which emerged as the primary victim of ransomware extortion in 2023.
Among the ransomware groups, LockBit ransomware remains the most prevalent, with a notable presence in Asia-Pacific (APAC) and India. However, it’s noteworthy that these findings were observed before recent law enforcement efforts disrupted LockBit operations.
Anil Valluri, Managing Director and Vice President of India and SAARC at Palo Alto Networks, highlighted factors such as limited visibility into operational technology systems, inadequate network monitoring, and suboptimal cyber hygiene practices, which leave organizations exposed to cyber threats.
Furthermore, the report underscores the evolving nature of cyber threats, with attackers increasingly targeting software and API vulnerabilities. This necessitates a shift towards integrated cybersecurity solutions to mitigate risks effectively.
The Unit 42 report delves into incident response strategies, revealing intriguing trends. While phishing attacks have historically been prevalent, there’s been a notable decline in their occurrence, indicating a shift towards more sophisticated infiltration methods. Threat actors are exploiting software and API vulnerabilities to gain initial access, reflecting a growing trend among cybercriminals.
Moreover, the report highlights the indiscriminate nature of data theft by threat actors, with 93 percent of incidents involving non-targeted data theft. This surge in data breaches underscores the urgent need for robust cybersecurity measures across organizations.
Huzefa Motiwala, Director of Systems Engineering for India and SAARC, expressed cautious optimism amidst the escalating threat landscape. He noted a promising shift in organizations’ response strategies, with an increase in median ransom demands countered by a decrease in median payouts.