Ransomware Crisis Escalates: New Threat Actors
Latest Data Security News - September 2, 2024
Ransomware Crisis Escalates: New Threat Actors
Recent data indicates a troubling increase in ransomware attacks in 2024, with the second quarter witnessing a 16% rise compared to the first quarter and an 8% increase over the same period in 2023. New ransomware groups such as PLAY, Medusa, RansomHub, INC Ransom, and BlackSuit have emerged, intensifying the threat landscape. The average ransom demand reached $1,571,667, marking a 102% quarterly increase—the highest since Q2 2022. Additionally, the average ransom payment rose to $626,415. The trend of double-extortion tactics, where attackers not only encrypt data but also exfiltrate it and threaten to release it publicly, has further complicated the situation for businesses. In 2024, 93% of ransomware incidents involved data theft, up from 88% in 2023. Effective backup strategies can mitigate some costs, but organizations are encouraged to adopt a multi-layered security approach to combat these evolving threats effectively (source: Help Net Security).
Major Data Breaches and Cyberattacks
Several significant data breaches have been reported in the past week:
-
Park’N Fly: Notified around 1 million customers in Canada about a data breach that occurred between July 11 and July 13, 2024, due to stolen VPN credentials. Personal and account information such as names, addresses, and loyalty program numbers were exposed, though no financial data was compromised.
-
Patelco Credit Union: Announced a data breach affecting 726,000 customers following a ransomware attack by the RansomHub gang. The attack led to the exposure of sensitive personal information, including Social Security and driver's license numbers.
-
Google Cloud Bucket Leak: A misconfiguration of Google Cloud Storage resulted in the exposure of sensitive information for approximately 83,000 individuals. The leak was discovered by security researchers, highlighting ongoing concerns about data protection in cloud services.
-
AMD: Experienced a second cyberattack in 2024 attributed to the groups IntelBroker and EnergyWeaponUser. This breach involved internal communications and employee information, following a previous attack in June 2024 (source: Mage Data).
Legal Actions Following Ransomware Attacks
The city of Columbus is suing a security researcher who disclosed the severity of a recent ransomware attack. The researcher presented evidence that contradicted the city's official claims, revealing that the attack had compromised far more sensitive information than initially reported. This case underscores the complex legal and ethical issues surrounding cybersecurity disclosures and the role of independent researchers (source: Jetico).
These events underscore the importance of robust data security measures, especially in light of increasingly sophisticated attack methods and the involvement of new threat actors.
For more in-depth analysis, you can read the full articles on Help Net Security, Mage Data, and Jetico.