Ransomware is on a winning streak. And businesses, big and small, are on the verge of losing it all. Over the past year, cybercriminals have sunk to new lows to steal a bit of data and a lot of money. Throughout 2023 (and up to today), we’ve seen a profound strategic shift in adversarial tactics, with hackers exploiting trusted tools and targeting critical industries like healthcare.
Drawing from data collected from the millions of endpoints and user entities under our watch, our cybersecurity experts documented the alarming trends, patterns, and tactics they observed to compile our 2024 Cyber Threat Report.
Below, we provide a brief overview of our findings on ransomware. But, of course, we have far more to say on the matter. If you’d like to go more in depth, we encourage you to read the complete report.
A Snapshot of Ransomware Post-Qakbot
Since at least 2008, Qakbot—a notorious malware distribution and control network—had wreaked havoc upon its victims, which ranged from financial institutions to medical device manufacturers to critical infrastructure. But in late-August 2023, the FBI spearheaded a multinational operation that brought down Qakbot, marking the largest U.S.-led action against a botnet.
The good news was short lived, however. In the wake of Qakbot, cybercriminals quickly adapted existing strains or simply developed new ones to go after businesses of all sizes and across all sectors. In fact, we’ve seen an increase in ransomware attacks specifically aimed at small businesses and managed service providers (MSPs), which attackers often exploit as entry points to larger networks.
Qakbot was the dominant strain of malware used by initial access brokers up until it was brought down. Then, something of a power vacuum emerged, and from August to September 2023, there were dramatic increases in activities from:
- DarkGate jumped by 880%
- Akira spiked by 510%
- LockBit increased by 102%
Qakbot, not surprisingly, wasn’t gone for long. It re-emerged within months, but in its brief absence, the floodgates were opened to more ransomware variants and affiliates.
Our 2024 Cyber Threat Report notes, “While emerging Qakbot variants remain relatively unchanged, their emergence is a strong signal that, like the reappearance of Emotet in similar circumstances, threat actors will attempt to capitalize on existing knowledge and investment in the face of defender activity.”
Gain Greater Insight into Today’s Hacker Trends and Tactics
The past year revealed one inconvenient truth: no one is immune to cyberattacks. Cybercriminals, unfortunately, haven’t stopped devising clever, new ways to breach your defenses. And it doesn’t look like they’ll stop any time soon.
That’s why we published our 2024 Cyber Threat Report. It gives you an inside look at the most notable trends and tactics hackers are using to target organizations of all sizes. It’s a valuable resource that’ll equip you with the knowledge you need to identify and counter the many risks you’re now up against. By staying informed on adversarial strategies, you can strengthen your cybersecurity defenses and protect yourself more effectively.
Download Huntress’ 2024 Cyber Threat Report.
Sign Up for Blog Updates
Subscribe today and you’ll be the first to know when new content hits the blog.