Lockbit Responsible for 30% of Attacks in Q1 2024
NEW YORK, NY / ACCESSWIRE / April 17, 2024 / CyberMaxx, LLC., the leading provider of Managed Detection and Response (MDR), today released its Quarterly Ransomware Research Report. The report includes threat analysis of activity throughout January, February and March by groups such as XZ Utils and Lockbit.
The first quarter of 2024 saw 1,283 successful attacks, a 29% increase from Q1 2023's 909 attacks. Threat actors know the first quarter of the year tends to be busy and take advantage of lots of personnel coming back from holidays and focusing on new annual priorities to lay the foundation and initiate attacks. 2024 proved to be no exception to this trend.
Lockbit attacks represented 30% of total attacks in the first quarter of the year. Lockbit continues to be successful, showing a steady increase in attacks during the last 18 months. Its cyber affiliate program plays a big part in its reach. Lockbit works with other groups who focus on initial access and the first stages of intrusion. Affiliates exploit poor security hygiene, improper configuration of external facing assets, utilize traditional phishing, and take advantage of unpatched vulnerabilities. Once they've penetrated the network, they hand over the information to Lockbit. This means that any group can use any technique to gain access - and then work with Lockbit to deploy ransomware.
Another Q1 milestone was the discovery of a backdoor in the XZ Utils data compression, which was present in nearly all major Linux distributions. It is another important reminder that organizations who use open source components ultimately own responsibility for securing the software. Organizations can be highly vulnerable to compromises in their code, which often comes from minimally maintained and under-resourced open source projects.
"Threat actors often run like companies. They have a business plan and follow it because it works. Organizations need to be as systematic as these threat actors when it comes to security," said Connor Jackson, Security Research Manager at CyberMaxx. "The threat activity and number of successful attacks seen at the start of this year continues to reinforce that notion. Organizations need to focus on reducing attack surfaces, performing system hardening, and proper architecture of networks to reduce possible impact and ensuring patch management programs are in place and up to date."
Access the full Ransomware Research Report here: https://cybermaxx.com/q1-2024-ransomware-research-report/
About CyberMaxx
CyberMaxx, LLC., founded in 2002, is the leading provider of managed detection and response (MDR), headquartered in New York, NY. CyberMaxx's managed detection and response solution (MaxxMDR) is designed to be scalable for clients of all sizes, providing protection and improving the organization's security posture, ultimately giving customers peace of mind that their systems and data are secure. CyberMaxx expanded its capabilities through the 2022 acquisition of CipherTechs, an international cybersecurity company providing a complete cybersecurity portfolio across MDR Services, Offensive Security, Governance, Risk & Compliance, DFIR, and 3rd party security product sourcing.
For more information, visit: https://www.cybermaxx.com/
Media Contact
Escalate PR for CyberMaxx
cybermaxx@escalatepr.com
SOURCE: CyberMaxx
View the original press release on accesswire.com
