SecurityWeek reports that ransomware attacks during the first six months of 2024 have exceeded 2,500, with average monthly postings to leak sites reaching 40, compared with 24 during the same period last year.
Such an increase was driven by the continued transition of ransomware operations to double extortion activities, according to a report from Rapid7. While LockBit has been one of the most prolific ransomware gangs during the first half of the year, its activity declined in June following the FBI's seizure of 7,000 decryption keys belonging to the group, researchers reported. On the other hand, the RansomHub operation also became suddenly inactive around the time of the dismantling of ALPHV/BlackCat although Rapid7 Senior Director of Threat Analytics Christiaan Beek noted that the association between both groups could not be completely substantiated. Additional findings revealed that the absence or improper implementation of multi-factor authentication remains to be the leading attack vector of ransomware groups.
