Corvus Insurance, a subsidiary of The Travelers Companies, Inc., has released its Q3 2024 Cyber Threat Report, The Ransomware Ecosystem is Increasingly Distributed. The report reveals that VPN vulnerabilities and weak passwords were exploited in nearly 30% of ransomware attacks during the quarter. These incidents were often linked to outdated software and poorly protected VPN accounts, including those using common usernames like “admin” and lacking multi-factor authentication (MFA). Automated brute-force attacks on these weak credentials allowed attackers to gain access to networks with minimal effort.
Jason Rebholz, Chief Information Security Officer at Corvus, highlighted the need for businesses to adopt more robust security measures, stating, “Today, MFA is mere table stakes and must be complemented with secure access controls to address current and future vulnerabilities.”
The ransomware ecosystem continues to evolve, with 1,257 victims reported in Q3, a slight increase from Q2. Five groups—RansomHub, PLAY, LockBit 3.0, MEOW, and Hunters International—accounted for 40% of these attacks. RansomHub led the quarter with 195 victims, up 160% from Q2, while LockBit 3.0 saw a sharp decline in activity. The overall ransomware landscape grew, with 59 groups identified by the end of Q3, underscoring the dynamic nature of the threat.
The construction industry remained the most targeted sector, with 83 attacks in Q3, a 7.8% increase from Q2. Healthcare also faced growing threats, with a 12.8% rise in reported incidents, totaling 53 victims. These trends highlight the urgent need for industries to prioritize cyber resilience as ransomware groups continue to exploit vulnerabilities in critical infrastructure.
Cybersecurity Market News:
- ANY.RUN Sandbox Now Automates Interactive Analysis of Complex Cyber Attack Chains
- Open Cybersecurity Schema Framework (OCSF) Joins the Linux Foundation to Optimize Critical Security Data
- Survey Reveals Gaps in Cybersecurity for Data Storage, Despite Rising Threats
- Red Hat Enhances OpenShift with New Hybrid Cloud Capabilities and AI Integration
- New 2024 US Consumer Survey Reveals Highest Demand for Mobile Security in Four Years
- Genians Partners with Central American Nations to Enhance Regional Cybersecurity at K-CAFTA Forum
- Sweet Security Announces Availability of its Cloud Native Detection & Response Platform on the AWS Marketplace
- NIST has standardized four post-quantum signature schemes
- Cloudflare Reports Record Q3 2024 Financials, Surpasses Expectations with 28% Revenue Growth
- Election Day 2024 in the US saw a surge in cyber activity
Leave a Reply