Report: Ransomware landscape changing, attacks down 16% since 2023

The number of cybercriminal groups engaging in ransomware attacks has risen since last year, but the total victim count—in all industries and spaces, including healthcare—has actually fallen. 

According to a report from cybersecurity firm Searchlight Cyber, the number of active criminal ransomware groups stood at 72 during the first half of 2024, a rise from 46 a year prior. That 57% jump, however, has not resulted in more attacks. Since the second half of 2023, the number of organizations reported to have fallen victim to ransomware has dropped 16%.

However, it’s complicated. When compared to the first half of 2023, the number of ransomware incidents has increased 50% on the year. But, the data may not signal a seasonal trend. Instead, the recent reduction may be a result of law enforcement disruption, the report suggested. 

Interestingly, the analysis from Searchlight Cyber—which is based on a review of dark web postings and other activity—shows large criminal groups, including LockBit and Black Cat, remain active and are recruiting. However, smaller ephemeral groups are entering the scene at an increasing rate. 

These smaller organizations, Searchlight Cyber contends, conduct targeted attacks and post ransoms, then disappear. They may emerge later under a new name, but the tactic helps the groups  to avoid the attention of law enforcement. It also makes it harder for “white hat” cybersecurity firms to keep up. 

“What we could be seeing is the diversification—rather than the growth—of the ransomware scene,”  Luke Donovan, head of Threat Intelligence at Searchlight Cyber, said in the report. “This hypothesis would be consistent with the fact that some of the biggest ransomware players have a clearly reduced influence, suggesting that there is no longer the ‘market dominance’ of a small number of highly prolific ransomware groups that there once was.” 

In the report, Searchlight Cyber recommends strategies to avoid threats in this evolving landscape, including updating IT equipment and conducting routine vulnerability checks. 

The full report is available here

Chad Van Alstin Health Imaging Health Exec

Chad is an award-winning writer and editor with over 15 years of experience working in media. He has a decade-long professional background in healthcare, working as a writer and in public relations.

Around the web

When drugs are on the FDA’s shortage list, outsourcing facilities can produce their own compounded versions. When the FDA removed tirzepatide from that list with no warning, it created a considerable amount of chaos both behind the scenes and in pharmacies all over the country. 

If passed, this bill would help clinician-led clinical registries explore Medicare data for research purposes. The Society of Thoracic Surgeons and American College of Cardiology both shared public support for the bipartisan legislation. 

Cardiologists and other physicians may soon need to provide much more information when ordering remote patient monitoring for Medicare patients.

Trimed Popup
Trimed Popup