Ransomware attacks rise sharply in Q3 2024 as new groups emerge

Ransomware attacks surged in Q3 2024, with 1,257 reported victims, according to Corvus's latest Cyber Threat Report. The report highlights a shift from major groups like LockBit 3.0 and ALPHV to a more fragmented landscape of 59 active ransomware groups. Increased law enforcement actions against large operators have led affiliates to seek smaller, more agile groups. Newer group RansomHub emerged as the most active, claiming 195 victims, reflecting changing preferences among cybercriminals. The report also noted that the construction and healthcare sectors are increasingly targeted. Additionally, 28.7% of attacks exploited VPN vulnerabilities, and 75% of organizations lack strong multi-factor authentication.