Travelers Publishes Cyber Threat Report Highlighting an Increase in Ransomware Activity
Travelers (NYSE: TRV) has released its Q4 2024 Cyber Threat Report, revealing an increase in ransomware attacks targeting organizations with weak VPN security measures. The report highlights that basic attack techniques remain highly effective for ransomware groups, who actively seek vulnerable targets lacking multifactor authentication (MFA).
Key findings show a rise in new ransomware groups, particularly smaller and more agile threat actors, partly due to law enforcement disrupting established Ransomware-as-a-Service platforms. The report identified IT services and consulting firms as increasingly targeted sectors, noting their potential to amplify attacks through client connections. Additionally, the construction sector remained a primary target, while hospitals, healthcare organizations, and government administration faced persistent threats.
Travelers (NYSE: TRV) ha pubblicato il suo Rapporto sulle Minacce Cyber per il quarto trimestre del 2024, rivelando un aumento degli attacchi ransomware rivolti a organizzazioni con misure di sicurezza VPN deboli. Il rapporto evidenzia che le tecniche di attacco di base rimangono altamente efficaci per i gruppi di ransomware, che cercano attivamente obiettivi vulnerabili privi di autenticazione multifattoriale (MFA).
I risultati chiave mostrano un aumento di nuovi gruppi di ransomware, in particolare attori delle minacce più piccoli e agili, in parte a causa dell'intervento delle forze dell'ordine che hanno interrotto le piattaforme consolidate di Ransomware-as-a-Service. Il rapporto ha identificato le aziende di servizi IT e consulenza come settori sempre più bersagliati, notando il loro potenziale di amplificare gli attacchi attraverso le connessioni con i clienti. Inoltre, il settore delle costruzioni è rimasto un obiettivo primario, mentre ospedali, organizzazioni sanitarie e amministrazioni governative hanno affrontato minacce persistenti.
Travelers (NYSE: TRV) ha publicado su Informe sobre Amenazas Cibernéticas del cuarto trimestre de 2024, revelando un aumento en los ataques de ransomware dirigidos a organizaciones con medidas de seguridad VPN débiles. El informe destaca que las técnicas de ataque básicas siguen siendo altamente efectivas para los grupos de ransomware, que buscan activamente objetivos vulnerables que carecen de autenticación multifactor (MFA).
Los hallazgos clave muestran un aumento en nuevos grupos de ransomware, particularmente actores de amenazas más pequeños y ágiles, en parte debido a la interrupción de plataformas establecidas de Ransomware-as-a-Service por parte de las fuerzas del orden. El informe identificó a las empresas de servicios de TI y consultoría como sectores cada vez más atacados, señalando su potencial para amplificar ataques a través de conexiones con clientes. Además, el sector de la construcción siguió siendo un objetivo principal, mientras que hospitales, organizaciones de salud y administraciones gubernamentales enfrentaron amenazas persistentes.
Travelers (NYSE: TRV)는 2024년 4분기 사이버 위협 보고서를 발표하며, 약한 VPN 보안 조치를 가진 조직을 겨냥한 랜섬웨어 공격의 증가를 밝혔습니다. 보고서는 기본 공격 기술이 랜섬웨어 그룹에게 여전히 매우 효과적이며, 다단계 인증(MFA)이 없는 취약한 대상을 적극적으로 찾고 있음을 강조합니다.
주요 발견은 새로운 랜섬웨어 그룹의 증가를 보여주며, 특히 더 작고 민첩한 위협 행위자들이 증가하고 있다는 점입니다. 이는 법 집행 기관이 기존의 랜섬웨어 서비스 플랫폼을 중단시킨 결과이기도 합니다. 보고서는 IT 서비스 및 컨설팅 회사가 점점 더 공격의 표적이 되고 있다고 지적하며, 고객 연결을 통해 공격을 증폭시킬 가능성을 언급했습니다. 또한, 건설 산업은 주요 표적이었으며, 병원, 의료 기관 및 정부 행정은 지속적인 위협에 직면했습니다.
Travelers (NYSE: TRV) a publié son Rapport sur les Menaces Cyber pour le quatrième trimestre 2024, révélant une augmentation des attaques par ransomware ciblant des organisations avec des mesures de sécurité VPN faibles. Le rapport souligne que les techniques d'attaque de base restent très efficaces pour les groupes de ransomware, qui recherchent activement des cibles vulnérables dépourvues d'authentification multifactorielle (MFA).
Les résultats clés montrent une augmentation de nouveaux groupes de ransomware, en particulier des acteurs de menaces plus petits et plus agiles, en partie en raison de l'intervention des forces de l'ordre qui ont perturbé les plateformes établies de Ransomware-as-a-Service. Le rapport a identifié les entreprises de services informatiques et de conseil comme des secteurs de plus en plus ciblés, notant leur potentiel à amplifier les attaques via les connexions clients. De plus, le secteur de la construction est resté une cible principale, tandis que les hôpitaux, les organisations de santé et les administrations gouvernementales ont continué à faire face à des menaces persistantes.
Travelers (NYSE: TRV) hat seinen Cyber-Bedrohungsbericht für das vierte Quartal 2024 veröffentlicht, der einen Anstieg von Ransomware-Angriffen auf Organisationen mit schwachen VPN-Sicherheitsmaßnahmen aufzeigt. Der Bericht hebt hervor, dass grundlegende Angriffstechniken für Ransomware-Gruppen weiterhin sehr effektiv sind, die aktiv nach verwundbaren Zielen ohne Mehrfaktorauthentifizierung (MFA) suchen.
Wichtige Ergebnisse zeigen einen Anstieg neuer Ransomware-Gruppen, insbesondere kleinerer und agiler Bedrohungsakteure, teilweise aufgrund der Störung etablierter Ransomware-as-a-Service-Plattformen durch die Strafverfolgungsbehörden. Der Bericht identifizierte IT-Dienstleistungs- und Beratungsunternehmen als zunehmend angegriffene Sektoren und stellte fest, dass sie das Potenzial haben, Angriffe durch Kundenverbindungen zu verstärken. Darüber hinaus blieb der Bausektor ein primäres Ziel, während Krankenhäuser, Gesundheitsorganisationen und Regierungsbehörden anhaltenden Bedrohungen ausgesetzt waren.
- Acquisition of Corvus cyber insurance underwriter strengthens TRV's cybersecurity capabilities
- Expansion of cybersecurity services offering including real-time monitoring and 24/7 specialist access
- Increased ransomware threats could lead to higher insurance claims
- Rising vulnerability in key client sectors (IT services, healthcare, construction) may impact risk exposure
“Based on our observations, it’s clear that basic attack techniques are still highly effective for ransomware groups,” said Jason Rebholz, Vice President and Cyber Risk Officer at Travelers. “These groups have been on the offensive, proactively hunting for targets and having significant success. It’s vital that businesses implement proven security controls, such as MFA, to make it far more challenging for malicious actors to carry out an attack on their organization. Travelers can help mitigate the risks.”
Travelers works with policyholders by customizing a cybersecurity readiness approach. It includes identifying any cyber vulnerabilities and addressing exposures through a range of pre-breach services, real-time monitoring and alert systems, and around-the-clock access to specialists who help businesses reduce the chance of suffering a cyber event, and recover quickly if an attack does take place.
Ransomware Group Activity
The report identified an increase in new ransomware groups, indicating a proliferation of smaller, more agile threat actors in the cybercrime ecosystem. The formation of new groups can be attributed to several factors, including law enforcement’s disruption of several well-established Ransomware-as-a-Service (RaaS) platforms.
Industry Analysis
One trend that stood out in the report was the increased targeting of IT services and consulting firms. The targets function as intermediaries for other industries, amplifying the impact of an attack through their connections to multiple clients. Government administration, while not as dominant as other sectors, experienced a surge in late 2024.
Additional key findings from the report:
- The construction sector remained a primary target in 2024.
- Hospitals and health care organizations faced persistent threats.
Previous editions of this quarterly report were announced by Corvus, a cyber insurance managing general underwriter. Travelers acquired Corvus in early 2024.
About Travelers
The Travelers Companies, Inc. (NYSE: TRV) is a leading provider of property casualty insurance for auto, home and business. A component of the Dow Jones Industrial Average, Travelers has more than 30,000 employees and generated revenues of more than
View source version on businesswire.com: https://www.businesswire.com/news/home/20250306034145/en/
Media:
Kerry Pillion
kpillion@travelers.com
Source: The Travelers Companies, Inc.
FAQ
What are the main findings of Travelers' Q4 2024 Cyber Threat Report?
Which industries are most targeted by ransomware attacks according to TRV's Q4 2024 report?
How does Travelers (TRV) help companies prevent ransomware attacks?
What security measures does TRV recommend to prevent ransomware attacks?
