Searchlight Cyber Releases Report on Ransomware Trends in H1 2024: Insights from the Dark Web

Searchlight Cyber, the Dark Web intelligence company, has unveiled its latest report, shedding light on the evolving ransomware landscape in the first half of 2024.

Titled Ransomware in H1 2024: Trends from the Dark Web, the report delves into significant shifts that have occurred since the beginning of the year. Drawing insights from Dark Web intelligence, the report aims to equip organizations with the knowledge needed to enhance their defenses against emerging threats.

One of the major revelations in the report is the cessation of operations by the prominent ransomware group BlackCat within the first six months of the year. This void was quickly filled by the emergence of a new player, RansomHub, which rapidly rose to become the third most prolific ransomware group.

Key highlights from the report include a 56% increase in the number of active ransomware groups compared to the first half of 2023, showcasing a diversification in the ransomware landscape. Despite facing disruptions from Operation Cronos, LockBit managed to maintain its top position, albeit with a decrease in listed victims compared to the previous year.

The report also sheds light on the dominance of Ransomware-as-a-Service (RaaS) model among the most active groups, underscoring the need for continuous monitoring of the ransomware ecosystem by organizations.

Luke Donovan, Head of Threat Intelligence at Searchlight Cyber, emphasized the importance of staying vigilant in the face of a rapidly evolving ransomware landscape. With over 70 active ransomware groups operating, organizations need to identify potential threats and tailor their defensive strategies accordingly.

The report also profiles new entrants such as APT73 and DarkVault, hinting at the emergence of significant threats in the near future. As ransomware activities continue to pose a challenge, the need for proactive cybersecurity measures has never been more critical.