Microsoft reveals ransomware attacks against its customers nearly tripled last year
- Microsoft customers confronted nearly triple the amount of ransomware attacks during the one-year period ending in June, the company said Tuesday in its Digital Defense Report.
- Microsoft observed a 275% year-over-year increase in human-operated ransomware attacks between July 2023 and June 2024. This increase in ransomware attacks was partially offset by a sustained decrease in cyberattacks reaching the encryption stage, the report found.
- “The percentage of attacks reaching actual encryption phase has decreased over the past two years by threefold,” Microsoft said in the report. “Automatic attack disruption contributed to this positive trend in decreasing successful attacks.”
Dive Insight:
While data and systems encryption is a traditional defining characteristic of ransomware attacks, many financially motivated attackers skip the step of encryption and steal sensitive data for extortion.
One of the most consequential ransomware attack sprees this year to date did not involve encryption. In April, a ransomware group compromised the Snowflake environments of more than 100 companies in a wave of attacks, resulting in widespread data theft, exposure and extortion, according to Mandiant.
Ransomware groups ramp up pressure on alleged victims by posting on data leak sites, and the number of those posts increased 67% during the first half of 2024, according to Rapid7. Threat groups claimed responsibility for ransomware attacks in 4,520 posts on data leak sites last year, a 75% increase from 2022, according to a Mandiant report in June.
To read the complete article, visit Cybersecurity Dive.