Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Cyber extortion is on the rise, but it’s just one part of a complex and ever-evolving threat ecosystem.
Every year, Barracuda Networks releases a detailed cyber security report based on its managed extended detection and response business, and while the previous 12 months saw relatively consistent activity across the year, ransomware activity increased dramatically.
The numbers that Barracuda can draw on for its analysis are impressive. The company tracked 11 trillion IT events in total and found that more than 1 million of them were potential risks requiring assessment.
Of those, 16,812 were flagged as threats severe enough to need immediate action – essentially between roughly 1,000 and 2,000 high-severity threats each month, remaining more or less steady month-to-month.
Ransomware attacks were the exception. In January 2024, Barracuda detected 115 likely instances of ransomware deployment, a figure that rose steadily throughout the year. Attacks peaked in August, with 434; however, after dropping to 303 in September, the number continued to rise month on month until December, when it reached 432.
Barracuda believes that ransomware-as-a-service (RaaS) operations were the major contributor to this increase. While affiliates do the grunt work of actually targeting organisations and exfiltrating stolen data, the RaaS operators can devote their time to investing in and developing more advanced tools and techniques.
At the same time, those wanting to begin their ransomware careers only need to lease the malware and pay a percentage of their profits to their RaaS group.
“The rise of as-a-service platforms is helping to power the growing sophistication, agility, and evasive nature of cyber attacks, from ransomware to phishing,” Eric Russo, director for SOC defensive security at Barracuda, said in a statement.
“The developers behind these platforms often have the time, resources, and skills to invest heavily in advanced and evasive toolsets and templates. Organisations need deep, extended security to boost their defences and cyber resilience against such attacks.”
Top entry vectors
Barracuda’s XDR report also identified the five most common entry vectors for detected malicious activity.
The most commonly observed detection in 2024 was malicious traffic from external sources, followed by suspicious logins via Microsoft 365. These two vectors alone made up more than half of all detections.
Malware such as worms and Trojans were the next most numerous threats detected, with password spray attempts and post-delivery email threats rounding out the top five.
“A comprehensive XDR solution that integrates network, endpoint, server, cloud, and email security means that every corner of the digital infrastructure is monitored and protected with advanced security measures and a full spectrum of defensive tools, combined with proactive threat hunting and response strategies,” Russo said.
You can read the full report here.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
