Evolving Cybersecurity Landscape: Ransomware and Data Theft Dominate 2024 Threats

Cybersecurity threats are rapidly evolving, with ransomware and data theft as leading risks. Organizations must adopt robust security measures and stay informed to combat increasingly sophisticated cybercriminals.


14 August 2024 – The cybersecurity landscape continues to evolve rapidly, presenting significant challenges for organizations and the public. As new threat actors and technologies emerge, the risk of cyberattacks intensifies, with even routine activities like opening an email posing potential dangers. Cybersecurity professionals must stay ahead of increasingly sophisticated cybercriminals who leverage open-source technologies to enhance their attack strategies.

Current Threat Landscape

According to the Kaspersky Incident Response Analyst Report 2023, cyberthreats have reached alarming levels, with 75% of attack attempts targeting Microsoft Office. Infection vectors reveal that 42.3% of successful breaches used publicly available applications, 20.3% involved compromised accounts, and only 8.5% relied on brute force tactics. A notable reduction in attack attempts was observed, with a 36% drop in Q1 2023 compared to the same period in 2022.

Post-attack consequences are severe: 33.3% of affected organizations experienced data encryption, 21.1% faced data theft, and 12.2% encountered compromised active directories. Ransomware and data theft are identified as the top cyberthreats, with other risks including cybersabotage, supply chain attacks, and advanced persistent threats (APTs).

Governments (27.9%) were the most targeted by cybercriminals, followed by manufacturing (17%) and financial institutions (12.2%). The highest incident rates were in Asia and the Commonwealth of Independent States (CIS), accounting for 47.3% of global cybersecurity incidents.

Rise of Ransomware as a Service (RaaS)

The growing trend of ransomware as a service (RaaS) underscores how cybercrime is evolving into a business model. In 2021-2022, ransomware incidents nearly doubled, with 71% of cybersecurity incidents driven by financial motives. Cybercriminals collaborate in a sophisticated ecosystem, from developing ransomware to selling access to compromised systems and negotiating ransoms. This approach makes ransomware attacks increasingly challenging to defend against.

Despite the rise of RaaS, experts urge affected organizations not to pay ransoms, as this only perpetuates cybercrime. Tools and resources, such as Kaspersky’s decryption vault, are available to help victims recover their data without paying a ransom.

Major Threat Vectors and Future Risks

The report highlights Operation Triangulation, a significant cyberthreat targeting iOS devices using previously unknown malware and exploiting Apple CPU vulnerabilities. Users are advised to update firmware regularly and disable iMessage to mitigate future risks.

Supply chain attacks on containerized systems running open-source software present another critical threat. With millions of open-source packages available, ensuring the security of these systems is vital. Experts recommend robust security policies and tools like Kaspersky Security Container to safeguard against these threats.

Best Practices for 2024

To strengthen cybersecurity defenses, organizations should adopt a mature security posture that includes regular updates, access to the latest threat intelligence, and proper employee education. Implementing tools like Kaspersky Endpoint Detection and Response, along with incident response services, can enhance detection, investigation, and remediation of threats.

Author: Terry KS

Share This Post On