ICT sector hardest hit by ransomware

• This is according to the Annual Ransomware Overview 2024 (link to other website) .

Ransomware is malicious software that invades computers and encrypts files. Attackers then demand a ransom from their victims to decrypt the files. The Digital Trust Center (DTC) identified some notable trends:

• The ICT sector was the most affected sector at 24%, almost double that of the previous year. Followed by the trade (20%) and manufacturing (13%) sectors.

• In most cases, the attack occurred via account takeover (38%), in which an attacker gained full control of an account, often with stolen login credentials.

• 29% of victims paid ransom, up 11% from 2023.

• In 2023, 147 ransomware incidents were reported. This number dropped to 121 in 2024. Of these incidents, 76 were known through reports and 20 through incident response companies.

• The ransomware group Cactus was responsible for many Dutch victims and exploited a vulnerability in Qlik Sense Server (link to other website).

Project Melissa

The Annual Ransomware Overview 2024 was published by the Melissa project, a partnership of the Public Prosecutor's Office (OM), the police, the National Cyber Security Center (NCSC) and cyber security companies affiliated with Cyberveilig Nederland. The incident information in the annual report is based on data from the NCSC, the police and 9 security companies. Tips to reduce cyber risks for entrepreneurs can be found in the 5 basic principles of safe digital entrepreneurship (link to other website).