Image: — © AFP
While ransomware threats are not new, they are becoming increasingly widespread due to the rapid dissemination of attack techniques, which is outpacing law enforcement’s ability to dismantle attack groups.
This increase is attributed to factors like cloud misconfigurations, new ransomware attacks, and increased exploitation of vendor systems. With the latter, attackers are increasingly targeting the systems and data of thirdparty vendors to gain access to larger networks and databases.
The evolving cyber threat landscape appear bleak, with the rate and severity of incidences increasing. A recent survey reveals the UK’s prominence as a target for cybercriminals.
According to the firm Bitsight’s new State of the Underground report, which analysed billions of dark web activities via its TRACE Security Research Team, there was a 43 percent rise in data breaches shared on underground forums globally in 2024.
This increase in threats has been driven by increasingly agile ransomware gangs and a surge in compromised data.
For the UK, the scale of the threat suggests the UK is placed third globally for ransomware attacks, with professional services, manufacturing, and education sectors hardest hit. This highlights the growing complexity and speed of cybercrime, as well as the significant exposure of UK organisations across sectors.
The report indicates
Ransomware attacks
Increased by 25% in 2024, while the number of ransomware group leak sites rose by 53%. The fragmentation caused by smaller, more agile gangs is leading to more attacks on midsized organizations.
Data breaches
Increased by 43% in 2024, based on incidents shared across underground forums. U.S. organizations accounted for nearly 20% of victims.
Compromised credentials
The survey identified 2.9 billion unique sets of compromised credentials in 2024, up from 2.2 billion in 2023.
Compromised credit cards
Underground markets listed 14.5 million compromised credit cards in 2024, a 20% increase over 2023.
The surge in active ransomware attacks signals escalating sophistication of attackers and an increasingly complex threat landscape.
The report recommends that combating these evolving threats requires more than layered defences—it demands continuous visibility into exposed assets, insights into emerging threats, and the ability to prioritize action based on realworld risk.
