India, 23rd Dec 2024: In Q3 2024 report, Arete, a pioneering leader in incident response, counter extortion services, and cyber risk management, revealed that RansomHub and Akira continue to be among the most active ransomware groups.
Since its initial detection in May 2024, RansomHub—a Ransomware-as-a-Service (RaaS) group—has gained significant traction. RansomHub targets critical industries, including healthcare, government, and technology, leveraging a double extortion strategy. This approach involves encrypting systems and exfiltrating sensitive data to pressure victims into paying ransoms. Exploiting vulnerabilities in software like Citrix ADC and F5 BIG-IP, the group recently introduced a new tool called EDRKillShifter to bypass security measures. Organizations are advised to combat such threats by prioritizing timely patching of known vulnerabilities, implementing multi-layered defenses and monitoring systems for suspicious activity.
Akira, another significant threat, increased its median ransom demands in Q3 to $700,000. While the percentage of companies paying ransoms has declined, the sharp rise in demand highlights the importance of vigilance. Businesses can bolster their defenses with strong data backup strategies, encryption, and regular security audits.
In addition to these prominent groups, Arete identified two emerging ransomware threat actors in Q3: Lynx and Cicada3301. Lynx, first seen in late July, exhibits similarities with the now-defunct INC group, suggesting a possible rebranding. Cicada3301, observed in August, appears to use code from the former ALPHV group, which disbanded following law enforcement action earlier this year. The rise of these groups underscores that ransomware threats are far from abating. Businesses must proactively update themselves with the latest threat intelligence and conducting regular vulnerability assessments.
“As threat actors evolve their tactics, Arete continues to monitor their activity, analyze trends, and leverage our threat intelligence to better respond to cyber threats,” said Geoff Brown, Arete’s President and Chief Operating Officer. “Using this unique data, we are dedicated to protecting our clients, informing our partners, and contributing to the shared fight against cyber extortion.” Brown added.
While only 29% of organizations are paying ransoms, the escalating demands present a growing concern. Companies must strengthen their cybersecurity postures through employee awareness programs, real-time threat detection systems and comprehensive incident response plans.
+ There are no comments
Add yours