ChannelLife Canada - Industry insider news for technology resellers
Canada
Guides
#
cloud services
#
cybersecurity
#
distributors
#
microsoft
#
partner programmes
Search
Story image
#
Ransomware
#
Cybersecurity
#
Telco

December sees record 574 ransomware attacks reported

Today
Author image
By Sean Mitchell, Publisher

The NCC Group has released its December 2024 Threat Pulse, reporting a record-breaking number of ransomware attacks, with 574 incidents documented. This represents the highest monthly figure recorded since the organisation began tracking ransomware activity in 2021, marking a significant shift in the digital threat landscape.

A notable development is the emergence of Funksec, a newly identified extortion group, as the most active threat actor during December. Funksec was responsible for 103 of the attacks, targeting a variety of sectors worldwide. "The rise of new and aggressive actors, like Funksec, who have been at the forefront of these attacks is alarming," said Ian Usher, Associate Director of Threat Intelligence Operations and Service Innovation at NCC Group.

He further added, "December is usually a much quieter time for ransomware attacks, but last month saw the highest number of ransomware attacks on record, turning that pattern on its head. If ransomware groups are becoming bolder and more advanced, we can expect more frequent and widespread attacks, putting every sector and region at risk."

The data shows a geographical spread of ransomware activity, with North America accounting for the largest share at 52% of global attacks. Europe followed with 18%, while Asia saw an increase from 58 attacks in November to 92 in December, reaching 16% of the global total.

In terms of sectors, Industrials remained the most targeted, suffering 24% of attacks, indicating the continuing vulnerability of Critical National Infrastructure (CNI). The Consumer Discretionary sector and the Information Technology sector accounted for the second and third most targeted sectors, with 107 and 78 attacks, respectively.

The report also highlights a significant attack by Black Basta on BT, a British multinational telecommunications company, on December 4, 2024. This incident involved claims of having exfiltrated 500GB of sensitive data, underscoring the risks to CNI. Black Basta employs sophisticated techniques, including spear-phishing and botnets like DarkGate and ZBot, posing a significant threat despite the limited operational impact observed in this case.

Ian Usher emphasised the need for vigilance: "The data should serve as a wake-up call. No organisation is immune, and the best defence is to stay ahead of the curve. Companies need to double down on their cybersecurity measures and ensure that their teams are trained and prepared to evolve with the changing nature of ransomware threats."

This record-breaking month for ransomware attacks coincides with the UK Government's proposal to ban ransomware payments in the public sector. The implications of this policy change remain to be seen, particularly in the context of the increasing frequency and sophistication of ransomware attacks as highlighted by the NCC Group's findings. The report urges organisations globally to fortify their cybersecurity strategies in anticipation of further advances in ransomware tactics as 2025 approaches.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Leaseweb Global unveils new VPS infrastructure at EUR €3.99
AWS unveils new service for managing security incidents
Fivecast wins National Exporter Award for technology
UK developers slow to adopt AI tools says new survey
Automation drives revenue, job satisfaction in MSSP sector
Top stories
AvePoint completes acquisition of Ydentic to boost MSP growth
Exabeam unveils AI-driven LogRhythm Intelligence Copilot
68% fail in urgent vulnerability management: report
Canadian firms to boost AI investments significantly by 2025
AI in healthcare set to revolutionise the industry by 2032