Ransomware threats increased fourfold during 2024, likely driven by prolific Ransomware-as-a-Service (RaaS) activity, according to Barracuda’s latest annual review of XDR detection and incident data. Email threats that made it through to user inboxes were the fifth most detected threat overall, highlighting the growing risk of sophisticated and evasive attacks enabled by Phishing-as-a-Service (PhaaS) platforms.
In 2024, Barracuda Managed XDR logged 11 trillion IT events — around 350,000 events per second — to identify a million potential risks and thousands of incidents that required immediate defensive action. Threat analysts in Barracuda’s Security Operations Center have drawn on this unique dataset to highlight the most common ways threat actors tried to breach and disrupt targets around the world in 2024.
Key findings
Ransomware threats increased fourfold during 2024, alongside the widespread availability and use of Ransomware-as-a-Service (RaaS) platforms. Barracuda Managed XDR’s ransomware threat data is based on the detection of tools, techniques, or behaviors that indicate an unfolding or imminent ransomware attack. These highlight how attackers hunt down and leverage unprotected devices and access points to further their attack.
The most common threats targeting XDR-protected systems in 2024 show where threat actors expect customers to be most vulnerable. They include inadequate authentication measures for account logins, poor password policies, and a lack of education about social engineering, alongside under-protected VPNs and the poorly managed use of remote desktop protocols.
Email threats that made it through to user inboxes were the fifth most detected threat overall, highlighting the growing risk of sophisticated and evasive attacks enabled by Phishing-as-a-Service (PhaaS) platforms.
“The rise of as-a-service platforms is helping to power the growing sophistication, agility, and evasive nature of cyberattacks, from ransomware to phishing,” said Eric Russo, Director, SOC Defensive Security at Barracuda. “The developers behind these platforms often have the time, resources, and skills to invest heavily in advanced and evasive toolsets and templates. Organizations need deep, extended security to boost their defenses and cyber resilience against such attacks.
“A comprehensive XDR solution that integrates network, endpoint, server, cloud, and email security means that every corner of the digital infrastructure is monitored and protected with advanced security measures and a full spectrum of defensive tools, combined with proactive threat hunting and response strategies.”
The data also shows the speed of unfolding attacks in 2024. Advances in security tools and strategies mean that intruders are now more easily and quickly detected and removed from the network. Threat actors have responded by accelerating their attacks. Barracuda Managed XDR’s detection data and incident examples from 2024 show how these two approaches might compare.
𝐒𝐭𝐚𝐲 𝐢𝐧𝐟𝐨𝐫𝐦𝐞𝐝 𝐰𝐢𝐭𝐡 𝐨𝐮𝐫 𝐥𝐚𝐭𝐞𝐬𝐭 𝐮𝐩𝐝𝐚𝐭𝐞𝐬 𝐛𝐲 𝐣𝐨𝐢𝐧𝐢𝐧𝐠 𝐭𝐡𝐞 WhatsApp Channel now! 👈📲
𝑭𝒐𝒍𝒍𝒐𝒘 𝑶𝒖𝒓 𝑺𝒐𝒄𝒊𝒂𝒍 𝑴𝒆𝒅𝒊𝒂 𝑷𝒂𝒈𝒆𝐬 👉 Facebook, LinkedIn, Twitter, Instagram
