Microsoft revealed that ransomware attacks against its customers increased by 275% between July 2023 and June 2024. Despite this significant growth, the company has seen a drop in the percentage of attacks that reach the encryption stage, as highlighted in the Defense Report Company digital released this week. This drop reflects advances in automatic defenses that stop attacks before they are fully executed.
While ransomware has traditionally been associated with data encryption, many attackers are focusing on information theftleaving the encryption step aside. One example was in April 2024, when a ransomware group compromised the Snowflake environments of more than 100 companies, stealing sensitive data and using extortion as their main attack method, according to security firm Mandiant.
Additionally, Microsoft and other cybersecurity companies have seen a 67% increase in the use of data leak sites to pressure victims. Attackers publish stolen information as a way to force ransom payments. According to Mandiant, in 2024 there were 4,520 posts on leak sites, representing a 75% increase compared to the previous year.
The increasing trend in ransomware attacks was also confirmed by US cyber authorities, who reported a 74% growth in global attacks, from 2,593 in 2022 to 4,506 in 2023. In 2024, this number already reaches 2,321 in the first half of the year, signaling that the year could break records.
Microsoft research highlights that 92% of attacks originate from unmanaged devices, with the main hacking techniques involving social engineering, compromised identities and exploiting vulnerabilities in outdated systems. For Tom Burt, vice president of security at Microsoft, facing this growing threat requires a joint effort from the public and private sector to make it difficult for attackers to act.
See the original post at: CisoAdvisor
