Arete released its Q3 2024 Crimeware Report, highlighting key trends and notable shifts in the cyber threat landscape. Arete’s global teams gather data and insights from every aspect of the threat lifecycle, providing comprehensive visibility to inform analysis of the threat landscape. The report leverages data collected during Arete’s response to ransomware and extortion attacks during Q3 2024. It explores the most observed threat groups, trends in ransom demands and payments, industries targeted by ransomware attacks, and the impact of law enforcement actions.
Key findings within the report:
- New ransomware groups continued to emerge throughout Q3, with some newcomers bearing similarities to Ransomware-as-a-Service (RaaS) organisations that previously shut down their operations or reportedly sold their source code.
- The percentage of companies and organisations paying ransoms remained low in Q3, but both initial demands and median payments increased.
- In Q3, threat actors did not appear to intentionally target specific industries, unlike in Q2 when the Fog ransomware group regularly targeted organisations in the education sector.
- Cybercriminals continued to leverage most of the same malware variants and legitimate tools observed in the first half of 2024, except Cobalt Strike, which was observed notably less in Q3.
“As threat actors evolve their tactics, Arete continues to monitor their activity, analyse trends, and leverage our threat intelligence to better respond to cyber threats,” said Geoff Brown, Arete’s President and Chief Operating Officer. “Using this unique data, we are dedicated to protecting our clients, informing our partners, and contributing to the shared fight against cyber extortion. ” Brown added.