As ransomware attacks surge, India accounts for over half the hits in 2024: Report

Global organisations and nation states are grappling with a significant rise in ransomware attacks, driven by both established groups and emerging threats, per a report by Check Point. 

While the U.S. was at the face of most attacks in the fourth quarter of 2024 with 936 of the total number, India was in the fifth position with 44 attacks. Canada, UK, and Germany held the second, third and fourth positions.

Ransomware attacks grew to 5,414 globally in 2024, which is a 11% increase compared to the previous year. Of these, India accounted for more than 50% in terms of phishing activity. 

Globally, business services sector remained the most targeted, enduring 451 attacks, followed by retail and manufacturing, which saw a notable increase with 201 incidents in the last quarter of 2024, the report noted. 

The construction industry experienced a 50% rise in ransomware incidents from 2023 to 2024, propelling it to fourth place in the attack rankings, surpassing financial, education, and healthcare sectors.

The increase in ransomware activity is attributed to several key factors. The Ransomware-as-a-Service (RaaS) model has made it easier for even novice threat actors to launch sophisticated attacks, with groups like RansomHub leading the charge with 531 attacks. 

The fragmentation of the ransomware landscape, following the takedown of major players, has led to increased competition and innovation among smaller, agile groups. Additionally, threat actors are evolving their tactics by targeting Linux and VMware ESXi systems, exploiting cloud-based tools for data theft, and leveraging AI to enhance attack efficacy.