The Travelers Companies, Inc. published its Q4 2024 Cyber Threat Report, revealing a rise in ransomware activity. Based on data from ransomware leak sites, the report highlighted an increase in organizations targeted by ransomware groups last quarter. These groups employed consistent attack methods, such as exploiting weak VPN credentials and bypassing multifactor authentication (MFA).
“Based on our observations, it’s clear that basic attack techniques are still highly effective for ransomware groups,” said Jason Rebholz, Vice President and Cyber Risk Officer at Travelers. “These groups have been on the offensive, proactively hunting for targets and having significant success. It’s vital that businesses implement proven security controls, such as MFA, to make it far more challenging for malicious actors to carry out an attack on their organization. Travelers can help mitigate the risks.”
Travelers works with policyholders by customizing a cybersecurity readiness approach. It includes identifying any cyber vulnerabilities and addressing exposures through a range of pre-breach services, real-time monitoring and alert systems, and around-the-clock access to specialists who help businesses reduce the chance of suffering a cyber event, and recover quickly if an attack does take place.
Ransomware Group Activity
The report identified an increase in new ransomware groups, indicating a proliferation of smaller, more agile threat actors in the cybercrime ecosystem. The formation of new groups can be attributed to several factors, including law enforcement’s disruption of several well-established Ransomware-as-a-Service (RaaS) platforms.
Industry Analysis
One trend that stood out in the report was the increased targeting of IT services and consulting firms. The targets function as intermediaries for other industries, amplifying the impact of an attack through their connections to multiple clients. Government administration, while not as dominant as other sectors, experienced a surge in late 2024.
Additional key findings from the report:
- The construction sector remained a primary target in 2024.
- Hospitals and health care organizations faced persistent threats.
Previous editions of this quarterly report were announced by Corvus, a cyber insurance managing general underwriter. Travelers acquired Corvus in early 2024.
To learn more about the report highlighting an increase in organizations targeted by ransomware groups last quarter, visit the website here.
Related News:
Darktrace Report: 78% of CISOs See Growing Impact of AI Cyber Threats
