Curated Content | Thought Leadership | Technology News

Study Reveals Cyberattacks Surged in the Final Months of 2024

A December to remember.
Ryan Uliss
Contributing Writer
Line graph showing a spike.

The final months of 2024 marked a troubling escalation in ransomware and cyber extortion, with December setting a record as one of the busiest months for attacks ever.

This surge correlates with the growing sophistication and reach of cybercriminal groups, as detailed in a recent report from Reliaquest. The research analyzes the tactics employed by these groups, the industries they target, and the increasing urgency for stronger defenses.

Its findings reveal how ransomware operations have evolved and highlight the growing challenges organizations face in defending against these increasingly aggressive attacks in the months ahead.

A Record-Breaking Rise in Ransomware Attacks

The report revealed that ransomware activity reached unprecedented levels in Q4 2024, culminating in a record-setting December.

Attack volumes were fueled by the growing number of ransomware groups, which nearly doubled over the past two years, from approximately 60 in 2022 to almost 100 by the close of 2024. This expansion underscores the lucrative appeal of ransomware, which continues to draw new actors into the field.

An alarming 1,110 initial access listings, often the starting point for a cyberattack, were identified during the quarter, showcasing the scale at which cybercriminals are breaching organizations. These listings represent opportunities for ransomware operators to exploit compromised systems and are sold on dark web marketplaces for prices ranging from a few hundred to several thousand dollars.

By the end of 2024, these tactics had led to an all-time high in successful attacks, signaling a widening gap in the preparedness of organizations to fend off these threats.

New Ransomware Groups on the Rise

Established ransomware groups like “RansomHub” remained dominant in Q4, but the report also highlighted a significant influx of new entrants.

Among them, “SafePay” and “FunkSec” emerged as major players, rapidly expanding their operations to claim 45 and 82 victims, respectively, during the quarter. This growth was attributed to the availability of leaked ransomware source code, which has significantly lowered the barriers to entry for aspiring cybercriminals.

Thirteen new ransomware groups emerged in Q4 alone, marking the largest quarterly increase of 2024. Many of these groups employed advanced tactics, including “double extortion,” where stolen data is not only encrypted but also threatened with public release unless a ransom is paid. These methods are proving highly effective, with ransom demands frequently exceeding six or even seven figures.

In several cases, attackers leveraged social engineering to manipulate employees into granting access, highlighting the human vulnerabilities that organizations must address.

Geographic and Sectoral Targeting

The report underscored the disproportionate targeting of organizations in the United States, which accounted for the large majority of the recorded incidents in Q4. U.S. businesses are attractive targets due to their financial resources, perceived likelihood of paying ransoms, and prevalence of cyber insurance coverage.

From an industry perspective, manufacturing firms were among the hardest hit, largely due to their reliance on outdated industrial control systems. The Professional, Scientific, and Technical Services (PSTS) sector was also heavily targeted, reflecting attackers’ focus on industries dependent on remote monitoring and high-value intellectual property.

Notably, PSTS organizations accounted for a substantial portion of the victims listed on ransomware leak sites in Q4, suggesting that firms often lack sufficient safeguards against these types of attacks.

What it Means for Organizations

Cybercriminals are not only growing in number but are also refining their methods to extract maximum financial gain.

The surge in new ransomware groups underscores the ease with which these actors can now enter the field, often using readily available tools and knowledge. This trend will likely continue to fuel the growth of ransomware incidents in 2025 and beyond.

Organizations are increasingly prioritizing strengthening their defenses to reduce their exposure to these threats. This includes implementing multi-factor authentication, conducting regular cybersecurity training for employees, and proactively monitoring for potential vulnerabilities in their systems.

The widespread availability of initial access listings highlights the importance of securing external-facing systems and promptly addressing any vulnerabilities before they can be exploited.

The sheer volume of ransomware activity in Q4 2024 also raises questions about the effectiveness of traditional defenses. As attackers continue to innovate, businesses will need to invest in more sophisticated threat detection and response capabilities to stay ahead of the curve.

The Wrap

The “Ransomware and Cyber Extortion in Q4 2024” report from ReliaQuest paints a sobering picture of the current cyber threat environment.

Attack volumes reached record highs in the final quarter of the year, driven by the rise of new ransomware groups and a relentless focus on vulnerable industries and regions. These findings serve as a clear warning: ransomware operators are becoming more strategic, more organized, and more aggressive in their methods.

For businesses, this escalation is not just a cause for concern but a call to action.

The growing complexity of these attacks highlights the urgent need for organizations to take preventative measures, from strengthening access controls to investing in real-time threat detection and response.

Q4’s surge in activity is a reminder that no industry or region is immune, and companies must move beyond simply addressing existing vulnerabilities, they must actively prepare for the tactics of tomorrow’s attackers.

☀️ Subscribe to the Early Morning Byte! Begin your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.

☀️ Your latest edition of the Early Morning Byte is here! Kickstart your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.

ADVERTISEMENT

×
You have free article(s) left this month courtesy of CIO Partners.

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Would You Like To Save Articles?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Thanks for subscribing!

We’re excited to have you on board. Stay tuned for the latest technology news delivered straight to your inbox.

Save My Spot For TNCR LIVE!

Thursday April 18th

9 AM Pacific / 11 PM Central / 12 PM Eastern

Register for Unlimited Access

Already a member?

Digital Monthly

$12.00/ month

Billed Monthly

Digital Annual

$10.00/ month

Billed Annually

Would You Like To Save Books?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Log In To Access Premium Features

Sign Up For A Free Account

Please enable JavaScript in your browser to complete this form.
Name
Newsletters