SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image

Record $75m ransom amid rise in ransomware attacks

Fri, 27th Sep 2024

The latest threat report from NCC Group reveals a significant rise in ransomware attacks in August, marking a 14% increase from the previous month of July.

The total number of attacks reached 450, up from 395 in the previous month, and a notable rise from 389 recorded in the same month last year.

RansomHub emerged as the most active threat actor for August, responsible for 72 attacks, a substantial 67% increase from 43 attacks in July. The group accounted for 16% of all ransomware activities during the month. Following RansomHub, Meow secured the second position with 41 attacks, LockBit 3.0 was third with 29 attacks, and Play came fourth with 27 attacks.

A new record for the highest cyber ransom paid was also set in August. A well-known Fortune 50 company paid a ransom of USD $75 million to the Dark Angels ransomware organisation, surpassing the previous highest known ransom of USD $40 million.

The geographical distribution of the ransomware attacks revealed that North America and Europe were the most targeted regions, accounting for 80% of the total incidents. North America encountered 232 attacks, representing 52% of the global total. Europe followed with 125 attacks, making up 28% of the total and showing a substantial increase from 83 incidents in July. Asia and South America also saw modest rises in attacks, moving from 41 and 18 in July to 42 and 21 in August respectively. Africa reported an increase from 10 to 14 attacks.

The Industrials sector continued to be the most targeted, responsible for 24% of all attacks, which equates to 109 incidents. Consumer Discretionary followed closely with 104 attacks. The Information Technology and Healthcare sectors were jointly third, each witnessing 46 attacks.

During the Paris Olympics, the Grand Palais and around 40 other museums in France were targeted by ransomware attacks. Although these incidents caused disruption to the cultural sites, they did not affect the Olympic Games. The French cyber security agency, ANSSI, quickly contained the impact, demonstrating the effectiveness of the cyber security measures in place for the event. This attack was part of a larger trend of cyber assaults on critical infrastructure, including government entities and transport networks.

Matt Hull, Head of Threat Intelligence at NCC Group, commented on the findings, stating, "The increase in ransomware attack figures this month is demonstrative of the continuing volatility of the threat landscape. Previous months have seen a slight reduction in attacks, in part due to the takedown of LockBit 3.0, but this month has shown that other actors are all too ready to take their place."

Hull emphasised the significance of robust cyber security measures, particularly for major events or organisations. "That's why it's so important to draw attention to situations such as the Grand Palais attack. Having robust cyber security measures in place is paramount, particularly when it comes to major events or organisations. The havoc that a cyber attack could have caused at the Olympics is almost unthinkable – thankfully, this did not become a reality," he added.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X