Ransomware incidents worldwide increased in 2024 by 11 percent from the previous year, according to Check Point External Risk Management.
In its Ransomware Yearly Report, Check Point External Risk Management revealed that 5,414 published attacks were logged last year, with 33 percent of the total attacks occurring in the fourth quarter.
Adi Bleih, Security Researcher at Check Point External Risk Management, emphasized the growing importance of cybersecurity for businesses:
“The battle against ransomware is not just about technology but a commitment to resilience and preparedness.”
How ransomware evolved in 2024
Ransomware is a malicious computer program that locks an individual’s or business’ digital systems until they follow a hacker’s demands.
READ: The cyber threats the Philippines will face in 2025
These threat actors usually require huge sums of money before they return access.
Otherwise, the hackers may share confidential information or perform other nefarious activities as penalties.
Nowadays, many hackers have banded together to infect systems worldwide with ransomware.
The most prominent ransomware groups faced stricter crackdowns, breaking into smaller groups.
Consequently, these splinter groups competed against each other to gain prominence.
READ: Extortionware: What makes it different from ransomware?
This shift led to the rise of 95 active ransomware groups last year, which represents a 40 percent increase from the 68 active groups in 2023.
Also, Ransomware-as-a-Service (RaaS) and improving tactics have made these attacks easier to execute with greater impact.
RansomHub stood out among the rest, and the top 10 groups were responsible for 52.8 percent of attacks.
In Q4 2024, the United States was the most targeted country with 936 ransomware attacks. Also, here were its most targeted industries and their respective cyberattacks:
- Business Services: 451
- Retail: 279
- Manufacturing: 201
- Constructions: 107
- Finance: 85
- Healthcare: 78
- Education: 77
- Technology: 63
- Government: 55
- Automotive: 50
READ: Phishing, ransomware attacks remain top cyber threats in PH
In response, businesses must adopt the following proactive measures:
- Comprehensive threat detection with solutions that offer real-time visibility into network activity.
- Patch management via regular updates to address known vulnerabilities.
- Education and training employees in recognizing phishing attempts and other attack methods.
- Collaborative defense via working with industry peers and law enforcement to share intelligence and bolster security.
“Organizations must adopt a proactive, intelligence-driven approach to cyber security, emphasizing real-time threat detection, robust incident response, and comprehensive education,” Bleih said.