Malwarebytes, a global leader in real-time cyber protection, released its 2024 threat assessment report – "2024 ThreatDown State of Malware". The report indicates nearly half of all ransomware attacks in 2023 were in the U.S.

The annual cybersecurity analysis report looks at the most prominent attacks and cybercrime tactics across popular operating systems and how IT teams, particularly those who operate on tight budgets, can address them.

Organizations face a deluge of cyber threats daily including ransomware, malware, and phishing attacks. The threat landscape is constantly evolving, with the increased use of AI and cybercriminals' new tactics, including targeting a higher volume of targets at the same time.

Alongside the rise of ransomware attacks in 2023 (a 68 percent increase), the average ransom demand also climbed significantly.

The LockBit gang was responsible for the largest known demand - $80M - following an attack on Royal Mail. LockBit remains the most widely used ransomware-as-a-service, which accounted for more than twice as many attacks as its nearest competitor in 2023.

Malicious advertising - or malvertising - also made a comeback in 2023 and threatened both businesses and consumers alike. Cybercriminals send emails impersonating well-known brands to deliver both Windows and Mac malware through highly convincing ads and websites that trick users into downloading malware on their devices. "Ransomware Attacks Increased by 68% in 2023 according to Malwarebytes' New "2024ThreatDown State of Malware Report" www.malwarebytes.com (Feb. 06, 2024)

Commentary

The 2024 report found Amazon, Rufus, Weebly, NotePad++, and Trading View to be the top five most impersonated brands. In addition, Dropbox, Discord, 4sync, Gitlab, and Google emerged as the top five most abused hosts.

Training your employees on what to look for and what to be suspicious of until verified will assist your organization's ability to defend itself substantially.

Social engineering tactics present a challenge. To have to scrutinize emails and messages takes precious time away from productivity. Acknowledge this in your training, but insist that the time spent verifying the legitimacy of the online message is much less than the time spent recovering from a breach.

As the report suggests, even if an e-mail itself looks legitimate, the return address or host may give you a clue the email is not legit. Hover your mouse over the text of the hyperlink. You should see the full URL, which will help to show whether it leads to a legitimate website. A file attached to an email from Amazon, for example, is unlikely to be hosted on a non-Amazon server.

With that stated, when in doubt do not select an attachment or link, or perform the directives of any online message that is unexpected and/or as to which you have doubts about its authenticity.