www.reliaquest.com Open in urlscan Pro
141.193.213.21  Public Scan

URL: https://www.reliaquest.com/blog/q4-2023-ransomware/
Submission: On February 05 via api from TR — Scanned from DE

Text Content


RANSOMWARE AND CYBER-EXTORTION TRENDS IN Q4 2023

ReliaQuest Threat Research Team 1 February 2024
 * Threat Intelligence




TABLE OF CONTENTS

 1. The Growing Ransomware Threat: What, Where, and Why? 
 2. Extortion Evolution: New Tactics, Same Objective
 3. Ransomware in 2024: What’s in the Pipeline? 
 4. Future-Proofing

In the fourth quarter of 2023 (Q4 2023), a stunning 80% more organizations were
hit by ransomware attacks than in Q4 2022. It’s an alarming statistic…an
emergency flare signaling the growing threat cybercriminals pose to businesses
of all sizes.  

November contributed significantly to the surge in ransomware activity, at
least partly because the Citrix Bleed vulnerability was heavily exploited. On
top of that, November brought new aggressive extortion tactics by the ransomware
group “ALPHV,” involving the US Securities and Exchange Commission (SEC) to
pressure their targets.

Every problem leaves a lesson, which is why we’re about to dig deep into these
developments. The light at the end of the tunnel is a clearer view of the
evolving ransomware landscape and attacker strategies.




THE GROWING RANSOMWARE THREAT: WHAT, WHERE, AND WHY? 

In Q4 2023, ransomware was delivered primarily through public-facing application
vulnerabilities and phishing attacks. The dramatic growth in ransomware attacks
can be attributed to several factors. First, attackers had easy access to
ransomware-as-a-service (RaaS) tools. They were also, almost certainly, driven
by the attractive risk-reward ratio: Few attackers were caught and held
accountable for cyber attacks. 



Figure 1: Number of compromised entities listed on data-leak sites by month in
2023

November 2023 stood out as particularly busy, with the second-highest number of
compromised entities all year. The reason is probably down to all the threat
groups that jumped to exploit the Citrix Bleed vulnerability to deliver
ransomware. Historically, threat groups have been zealous about newly uncovered,
high-severity vulnerabilities. Citrix Bleed was especially appealing because
attackers easily bypassed multifactor authentication (MFA) to hijack user
sessions. That’s why it’s crucial to prioritize security patches and manage
vulnerabilities effectively. During Q4, many threat actors took advantage of
critical vulnerabilities to distribute ransomware.

The Q4 2023 sectoral pattern of targeting remained largely consistent with the
previous quarter: Manufacturing; professional, scientific, and technical
services; and construction bore the brunt of the impact. Knowing which sectors
are being targeted—and in which locations—can help drive proactive security
measures to best prepare for a potential attack.

The regional preference was for the United States, plus the United Kingdom and
Canada. Those three countries experienced the majority of documented ransomware
attacks, which stands to reason: They’re appealing because of their thriving
economies, English-speaking populations, and ability to pay large sums to
reinstate compromised systems. They’ve become prime targets for cybercrime
groups, whose members recognize the potential to seize substantial ransom
payments.



Figure 2: Number of compromised entities listed on data-leak sites by threat
group in Q4 2023

The number of ransomware groups only continues to expand, and the availability
of RaaS continues to attract operators with varying skill levels. So we can
expect the increase in ransomware attacks that began in 2023 to persist
throughout 2024. Implementing proactive security measures will be essential for
organizations of all sizes.




EXTORTION EVOLUTION: NEW TACTICS, SAME OBJECTIVE

Cyber-threat actors constantly find innovative ways to bypass the latest
defensive systems. (Check out our recap of cyber-threat techniques in Q4.)
They’re exploiting vulnerabilities that have not been addressed and/or targeting
unsuspecting users. In the final stretch of 2023, we saw not only more attacks
from certain groups, but also new tactics and techniques.

For security defenders, it’s a dynamic cat-and-mouse game, and their
cybersecurity approach must stay one step ahead of threat actors’ attack
strategies. Organizations and individuals should continuously update their
defenses, stay vigilant, and place ongoing education and awareness at the
forefront, to counter the evolving and increasingly aggressive cyber threats.
We’ve come up with some specific mitigation recommendations, based on Q4 threats
that seem determined to not fade away:

ALPHV UPS THE ANTE WITH SEC DISCLOSURES

The ransomware group ALPHV (aka “BlackCat”) added an extra layer of aggression
to their Q4 extortion tactics: The notorious group used SEC reporting measures
against their targets after an attack, for extra intimidation and pressure to
meet their demands. The hyper-aggression is in response to a growing resistance
to paying ransom demands. Involving the SEC (or other regulatory bodies)
intensifies consequences and public scrutiny for compromised entities.

ALPHV’s new tactic emphasizes the need for heightened cybersecurity measures,
and preparedness for other new or evolving tactics. Security teams would also
benefit from performing ongoing reviews and updates of policies, to better
respond to aggressive ransomware tactics.

Also, because ALPHV is known to gain initial access to organizations through
social engineering and to move laterally in a network via remote desktop
protocol (RDP), we recommend:

 * Securing remote-access tools by implementing application controls
 * Educating staff about social engineering and phishing attacks
 * Installing and updating antivirus software



Figure 3: Screenshot of ALPHV’s post reporting an organization to the SEC

PLAY’S PROACTIVE DEMANDS

In Q4, we saw a significant increase in the number of compromised entities listed
by the ransomware group “Play” (aka Playcrypt). The group tends to gain initial
access by exploiting known public-facing vulnerabilities, such as in FortiOS,
practices double-extortion, and observes a discreet-but-proactive approach in
attacks: Instead of providing direct payment instructions in ransom notes, they
instruct victims to contact them via email.

Requesting payment in cryptocurrency, Play members specify wallet addresses
where the ransom should be sent. If a target doesn’t play ball, the group
escalates the situation by threatening to publicly disclose the exfiltrated data
on their designated leak site.

Play likes to exploit flaws in public-facing applications to gain initial
access, and exploits highly privileged administrator accounts; with that in
mind, we recommend:

 * Keeping all operating systems, software, and firmware up to date
 * Practicing the principle of least privilege
 * Ensuring systems are covered by up-to-date policies

LOCKBIT BEEFS UP MEMBER BASE

Following the fall of “NoEscape” and ALPHV’s temporary outage, the “LockBit”
group saw a chance to recruit members from those notorious ransomware
operations. LockBitSupp, the group’s public representative, offered affiliates
the use of LockBit’s data-leak site and negotiation panel. It’s unclear whether
the recruitment scheme worked, but at least one organization whose compromise
was linked to ALPHV ended up being named on LockBit’s leak site.

One thing that is clear: LockBit—the most active group throughout 2023—is firmly
determined to not only maintain but enhance operations. By expanding membership,
LockBit would increase operational capacity, which means the group has no
intention of slowing down or pausing activities. Individuals and organizations
should remain vigilant and fortify their cybersecurity defenses in light of the
innovation and determination LockBit is showing.

LockBit and affiliates have been seen moving laterally through systems using
familiar tools, such as Windows PowerShell and server message block (SMB), so we
recommend:

 * Disabling command-line and scripting activities and permissions
 * Restricting service accounts from remotely accessing other endpoints
 * Reviewing and disabling internet-facing services that are no longer in use




RANSOMWARE IN 2024: WHAT’S IN THE PIPELINE? 

The 2023 boost in the number of ransomware victims is a trend that looks set to
continue. Here’s what we’re also anticipating:

LOCKBIT’S NETSCALER AFFINITY

LockBit has been exploiting vulnerabilities in NetScaler, a widely used
networking technology, to target high-value organizations (banks, governments,
law firms, etc). That focus suggests LockBit aims to maximize its impact and
associated potential for large ransom payments; such organizations often possess
sensitive (read: valuable) data. Given the profitability and success of these
attacks, LockBit will probably continue its NetScaler exploitation and industry
focus. To mitigate the risk, organizations should patch and update their
NetScaler applications.

CLOP’S COMEBACK POTENTIAL

In case you’re a complete stranger to cyber threat intelligence, “Clop” is a
group known for its large-scale ransomware attacks, managed file transfer
(MFT) vulnerability exploits, and zero-day exploitation. To say the group has
been prolific is an understatement. But following a spate of attacks in its
MOVEit campaign in mid-September 2023, Clop’s activity tapered off; the group
named 95.3% fewer victims in Q4 2023 than in the previous quarter.

This tapering after an activity surge has been seen with Clop before, following
a 2020–21 campaign that abused several zero-days. In other words, Clop could
very well make a comeback. To guard against similar campaigns, organizations
should minimize exposure on MFT sites by limiting content storage duration to
about 5 or 10 business days—after all, these services are primarily intended for
file transfers rather than long-term storage.

NOESCAPE’S SILENT THREAT (FOR NOW)

Within just seven months, the NoEscape group listed 145 compromised
organizations on its data-leak site. In Q4 2023, the group named 24.6% more
compromised entities than in the previous quarter. But, all stats aside,
NoEscape hasn’t reported any newly compromised entities since December 4, 2023.

Affiliates of NoEscape allege that the group conducted an exit scam that
allegedly led to ransom payments worth millions of dollars. The group took down
their data-leak site and has lost the trust of affiliates. But again, it’s
reasonable to anticipate another iteration of the group at some point, based on
the fact that NoEscape emerged as a rebrand of “Avaddon,” and given its success
with multi-extortion tactics.

NoEscape affiliates are known to deliver the ransomware through various means,
but the most prominent are malicious file downloads and infected email
attachments. Organizations should regularly update antivirus software and
conduct security awareness training for employees.




FUTURE-PROOFING

Interested in learning more about the cyber-threat landscape in 2024? Our
Cyber-threat Predictions blog offers a comprehensive analysis of various topics,
including the risks associated with the abuse of artificial intelligence, the
potential impacts of geopolitical tension, evolving trends in initial access and
ransomware, and best practices for preparing against a wide range of cyber
threats.

FUTURE-PROOF YOUR ORGANIZATION FROM RANSOMWARE AND OTHER CYBER THREATS WITH AI

Gain valuable insights on specific use cases of AI across the detection,
investigation, and response workflow with this "Emerging Tech" report by
Gartner.


ReliaQuest Threat Research Team

The ReliaQuest Threat Research Team comprises SOC experts, security researchers,
security practitioners, and intelligence analysts dedicated to bringing you the
latest global analysis and essential updates within cyberthreat intelligence for
your organization.
