Rapid7, Inc. (NASDAQ: RPD), a leader in extended risk and threat detection, today announced the release of its Ransomware Radar Report in conjunction with the company’s presence at Black Hat USA. The all-new research report provides a fresh perspective on the global ransomware threat by analyzing, comparing, and contrasting attacker activity and techniques over an 18-month period ending June 30, 2024.
According to the report, ransomware groups continue to refine their craft, building and scaling business models that resemble legitimate corporate enterprises. They market their services to prospective buyers, offer company insiders commissions in exchange for access, and run formal bug bounty programs. In addition, Rapid7 researchers found three major clusters of ransomware families with similar source code, indicating that ransomware groups are focusing their development efforts on quality over quantity.
“The Ransomware Radar Report uses data to tell the story of how ransomware and the threat actors that wield it are evolving,” said Christiaan Beek, senior director, threat analytics at Rapid7. “For example, the related source code, combined with a continuing decline in the number of unique ransomware families, suggests a move toward more specialized and highly effective ransomware variants, rather than a broad array of less sophisticated malware.”
Additional key findings from the Ransomware Radar Report include:
“The report’s insights into the ransomware landscape are crucial for informing Defenders’ cybersecurity strategies,” said Beek. “From our own detection engineering point of view, the clusters and additional report information, such as the usage and type of encryption algorithms, help us uplevel hunting techniques and prevention, detection, and response technologies. Rapid7 continually investigates new techniques used by threat actors and ransomware operators, tests them against our patented Ransomware Prevention technology, and creates new preventions to ensure customers are protected against the latest threats.”
Security practitioners and other stakeholders fighting ransomware can access the full report now at https://www.rapid7.com/research/report/ransomware-radar-report/. The schedule of Rapid7’s Black Hat USA events and on-site meeting request form are both available here.
# # #
About the Ransomware Radar Report
The Rapid7 Ransomware Radar Report provides a comprehensive analysis of ransomware incidents and binaries recorded and gathered globally, offering insights into trends, attacker profiles, ransomware families, and the implications for cybersecurity defenses. The data used for the report comes from Rapid7’s incident response teams and independent Rapid7 Labs research. The ransomware sample dataset used consists of (i) prevalent and available ransomware families from 2023 which continued their operations into 2024, and (ii) new 2024 ransomware samples that were observed until the end of June, 2024.
About Rapid7
Rapid7, Inc. (NASDAQ: RPD) is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7’s comprehensive security solutions help more than 11,000 global customers unite cloud risk management and threat detection to reduce attack surfaces and eliminate threats with speed and precision. For more information, visit our website, check out our blog, or follow us on LinkedIn or X.