As per a new report from Corvus Insurance, Q1 2024 has set a record for the most global ransomware attacks in a first quarter.
According to the data in Corvus’ Q1 2024 Ransomware Report, 1,075 leak site ransomware victims were posted on leak sites during the first quarter, despite the disruption of two major ransomware groups, LockBit and ALPHV/BlackCat, which accounted for 22% and 8% of the activity, respectively.
Corvus explained that this is likely due to other ransomware affiliate groups shifting operations to new and alternative organizations.
“18 new leak sites emerged over Q1, the largest number of leak sites to emerge in a single quarter on record. These additions brought the total number of active leak sites for the first quarter to 60,” the firm said.
Corvus revealed at the start of this year that global ransomware attacks in 2023 set a record high, surpassing 2022 by close to 70%. The firm has now warned that 2024 is picking up right where 2023 left off.
The industries most impacted by global ransomware attacks remained relatively consistent over previous quarters, with Information Technology and Services, Construction, Healthcare, and Legal continuing to rank among the top five.
Jason Rebholz, Chief Information Security Officer, Corvus Insurance, commented, “The ransomware activity we’ve seen in the first quarter of 2024 continues the substantial growth pattern that we saw develop over the course of 2023.
“While we fully expect that law enforcement’s long-term impact will be significant, it’s not enough to curb this criminal activity today.
“Businesses across all industries must embrace vigilant cybersecurity practices, including proactive and persistent patch management of any vulnerable assets in their environment.”