Consumer Sector Becomes Top Ransomware Target

Although attacks slightly decreased last quarter, ransomware remains a critical threat, with new strains like Cicada3301 targeting Linux and ESXi systems.

ITPro Today Staff

November 14, 2024

2 Min Read
a person at a laptop with the screen showing a ransomware attack message
Alamy

Despite significant efforts in cybersecurity, ransomware remains a virulent threat. The latest Cyber Threat Intelligence review from NCC Group recorded 1,252 ransomware attacks during the third quarter of 2024. While the data represents a 4% dip from the previous quarter, the data shows that ransomware continues to pose a critical challenge that demands constant attention and extensive resources.

The patterns and players in ransomware attacks are all too familiar. While there is always some fluctuation—government pressure pushes some criminal groups out, new players emerge, and older threat actors rebrand—the core threat persists. Between July and September 2024, Ransomhub, a group now under scrutiny from various regulatory and law enforcement agencies, stood out as the most active, responsible for 15% of ransomware attacks.

chart shows the monthly number of ransomware attacks, comparing 2024 with 2023

NCC Group: Global ransomware attacks, 2024 vs. 2023

In a related note, the NCC Group report highlights the Cicada3301 ransomware, a malware strain that targets Linux and ESXi systems. Evidence suggests that Cicada3301 may be a rebranding of the long-standing BlackCat ransomware. The report also includes a threat-hunt section that explores the evolution of Quad7 botnets.

Ransomware groups appear to be broadening their range of preferred targets. While government agencies, financial services, healthcare, and other regulated industries have long been prime victims, the third quarter saw a shift. The consumer discretionary sector jumped to the top, accounting for nearly a quarter (24%) of all ransomware attacks during this period.

Related:Cybersecurity Developments & Priorities: November 2024

The report was developed by threat intelligence professionals who monitor ransomware data from various sources, including cybercriminal leak sites, information stolen in recent ransomware attacks, and NCC Group’s internal research and analysis. Covering ransomware activity from July to September, it provides a breakdown by region, sector, month, and threat actor and analyzes key events.

About the Author

ITPro Today Staff

ITPro Today Staff

See more from ITPro Today Staff
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

the interface of the PowerShell search tool with a hand holding a magnifying glass on a background of a blue sky and clouds in the shape of gears
PowerShell
How I Built My Own PowerShell Multi-File Search Tool
How I Built My Own PowerShell Multi-File Search Tool

Oct 22, 2024

burnout gif featuring a mannequin surrounded by office technology on fire
Career Tips
Am I Burned Out? How To Identify and Address Burnout in IT
Am I Burned Out? How To Identify and Address Burnout in IT

Oct 24, 2024

MLOps
Ops and More
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?

Oct 23, 2024

Exclusive ITPro Resources
See all ITPro Resources

Featured Technical Explainers

SaaS concept on a tablet
Cloud Computing
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
DevOps logo on top of code
DevOps
DevOps: Key to Faster, More Efficient Government Software Development
DevOps: Key to Faster, More Efficient Government Software Development
Windows 11 logo on laptop screen
Microsoft Windows
Exploring eBPF for Windows: Opportunities and Limitations
Exploring eBPF for Windows: Opportunities and Limitations
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

Recent What Is

cartoon shows a person next to a checklist and several icons that represent disaster scenarios
Disaster Recovery
BCDR Basics: A Quick Reference Guide for Business Continuity & Disaster RecoveryBCDR Basics: A Quick Reference Guide for IT Pros
technology interface with a person's hand drawing gears and cogs
PowerShell
Introduction To PowerShell Environment VariablesIntroduction To PowerShell Environment Variables