SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Ransomware
#
MFA
#
Cybersecurity

Ransomware attacks rise with construction sector most hit

Yesterday
Author image
By Sean Mitchell, Publisher

Corvus has published its Q3 2024 Cyber Threat Report, which reveals the persistence of ransomware activity and the increasing distribution among various threats throughout the third quarter of the year.

The report identifies 1,257 ransomware victims in Q3, a slight increase from 1,248 victims recorded in Q2. This data underscores the ongoing prevalence and severity of ransomware attacks affecting various sectors globally.

Significant vulnerabilities in VPNs and weak passwords were exploited as entry points for nearly 30% of these ransomware incidents. These weaknesses provided attackers with access to systems through automated brute-force attacks, enabling them to gain unauthorised entry with minimal difficulty.

Jason Rebholz, Chief Information Security Officer at Corvus, stated, "Attackers are focused on finding the path of least resistance into a business to launch an attack, and in Q3 that entry point was the VPN. As we look forward, businesses must strengthen defenses with multi-layered security approaches that extend beyond MFA. Today, MFA is mere table stakes and must be complemented with secure access controls capable of shoring up these current and future areas of vulnerability."

The report details that 40% of Q3's attacks were attributed to five groups: RansomHub, PLAY, LockBit 3.0, MEOW, and Hunters International. Among these, RansomHub emerged as the most active group, with a substantial rise in incidents compared to the previous quarter.

The overall ransomware ecosystem has become more distributed, with a total of 59 groups identified by the end of the quarter. This marks an expansion in the criminal landscape, suggesting that new entrants could potentially disrupt and complicate existing defensive measures. Since its emergence in February 2024, RansomHub has claimed more than 290 victims and has swiftly become a significant player following the takedown of LockBit in Q1.

The construction industry was notably affected, remaining the most targeted sector with 83 reported victims in Q3, a 7.8% increase from 77 in Q2. Healthcare organisations also witnessed a surge in ransomware incidents, experiencing a 12.8% increase to 53 reported victims from 42 in the previous quarter.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Versa launches pay-as-you-go cloud firewall on AWS
Exploring the role & impact of bots in eCommerce
Nile introduces campus zero trust service with partners
SURF unveils AI tool to combat growing deepfake threats
The intersection of browser security and AI: how enterprises are navigating the double-edged sword
Top stories
HiTRUST focuses on balancing security with user experience
Cybersecurity report reveals 145,000 exposed ICS systems
ThreatQuotient report highlights rise in cyber automation
Cybercriminals target Olympic Games & concerts in 2024
Akamai enhances cloud security & zero trust solutions