18th December 2024: Arete’s Q3 2024 report reveals that the Manufacturing and Scientific & Technical Services industries were among the most targeted by ransomware groups, accounting for 19.5% and 15.6% of total incidents, respectively. Despite the challenges, both sectors demonstrated notable resilience, with Manufacturing standing out as one of the top industries capable of recovering without paying a ransom.
While no single ransomware group explicitly focused on Manufacturing, several prominent threat actors—including Play, Akira, Fog, and RansomHub—were involved in these threats. In contrast, the Professional, Scientific & Technical Services sector experienced significant activity from BianLian, which employed email-based tactics leading to comparatively lower ransom demands.
The Healthcare & Social Assistance sector also faced considerable disruption, with the Rhysida group exploiting fake Microsoft Teams applications to deploy malware, illustrating the continually evolving tactics of threat actors.
A key trend this quarter was Play’s emphasis on high-revenue organizations, with victims averaging $250 million in annual revenue and ransom demands reaching up to $1.5 million. However, Arete’s analysis indicates that ransom payment decisions were more strongly influenced by factors such as backup availability and internal recovery capabilities rather than industry type or revenue alone.
“As threat actors evolve their tactics, Arete continues to monitor their activity, analyze trends, and leverage our threat intelligence to better respond to cyber threats,” said Geoff Brown, Arete’s President and Chief Operating Officer. “Using this unique data, we are dedicated to protecting our clients, informing our partners, and contributing to the shared fight against cyber extortion.” Brown added.
In light of these findings, Arete emphasizes the need for organizations to adopt a proactive approach to cybersecurity. This includes, investing in advanced threat detection technologies, conducting regular security assessments, providing employee training to strengthen overall cyber defenses.
By staying ahead of evolving threats and preparing for potential incidents, organizations can better protect critical assets and ensure faster recovery from disruptions.
Arete advocates for a comprehensive cybersecurity strategy that prioritizes prevention as well as incident response, safeguarding both data and operations in an increasingly interconnected world.