[PDF]

Ransomware Index 2024: A threat and vulnerability management perspective PDF Free Download

1 / 16
0 views16 pages

Ransomware Index 2024: A threat and vulnerability management perspective PDF Free Download

Ransomware Index 2024: A threat and vulnerability management perspective PDF free Download. Think more deeply and widely.

A threat and vulnerability management perspecve.
Ransomware Index
2024
Ransomware Index Report 2024 Securin 1
Authencaon and access control vulnerabilies dominated the ransomware exploit
toolkit.
5. Access All Areas
Aackers adopted an Advanced Persistent Threat’ strategy, seeking lateral movement
and persistence, with more strategic targeng making it more difficult for security teams
to cover defenses.
4. APT is a PITA
With 14.5% of aacks, healthcare bore the brunt of the ransomware pain as aackers
turned their aenon to crical sectors.
3. Healthcare Feels the Pain
Cross-collaboraon between ransomware groups, mul-stage aack strategies, and
sophiscated persistence mechanisms are the new normal.
2. Old Groups, New Tricks
RansomAI was the evoluon of a nightmare scenario. The ransomware group FunkSec
provided a compelling example of how generave arficial intelligence (GenAI) is lowering
the barrier to entry for sophiscated aacks.
AI-Assisted Ransomware Ops
Key Findings & Trends
What’s Keeping Us Up at Night:What’s Keeping Us Up at Night:
Ransomware in 2024 was no longer *just* about encrypon: it was about control, persistence, and
maximum disrupon. It was also the year that arficial intelligence (AI) entered the chat: while security
teams were busy training it to detect threats, the ulmate plot twist saw aackers using it to create
malware that other AI systems couldn’t detect. Overall, Securin’s research shows that 2024 was a year
of sophiscaon, collaboraon, evoluon, and strategic thinking – for ransomware aackers.
The Year the Machines Joined the Mayhem
When Gen-AI Met Ransomware:When Gen-AI Met Ransomware:
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Ransomware Index Report 2024 Securin 2
AI-generated polymorphic ransomware, paired with adapve
exploit code, poses a severe threat by evading current EDRs
and security tools. This fast-evolving malware chains CVEs
into complex aack sequences, exploing system weaknesses
at scale and risking massive financial losses.
Dr. Srinivas Mukkamala | Securin Advisor
Most common aack paerns - and what
we can learn from them.
04
05 Best pracces for migang the threats.
Top weaknesses being exploited - and
which sectors are under fire.
03
Profile of the main threat actors, their taccs
and techniques.
02
Generave AI as both tool and target, and the
emergence of RansomAI.
01
What’s In
This Report?
Boom Line: This evoluon represents a significant challenge for defenders, as it combines the
persistence of ransomware groups with increasingly sophiscated exploitaon techniques. Aackers
are no longer simply looking for ways in; they’re strategically selecng vulnerabilies that provide the
broadest possible access, and the greatest chance of success.
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Preempve security is crical—proacvely remediang vulnerabilies
before they’re hit. We must shi from priorizing single CVEs to
analyzing CVE chains, using machine learning to predict aack paths and
bolster defenses.
Adapve security technology that learn ransomware’s tricks are key.
Without this evoluon in cybersecurity, AI-driven ransomware will
outpace us, turning vulnerabilies into weapons. Vigilance and
innovaon are non-negoable.
Ransomware Index Report 2024 Securin 3
The emergence of FunkSec – an AI-assisted
ransomware operaon – provided a compelling
example of how GenAI lowers the barrier to entry
for sophiscated aacks. Despite evidence that it’s
operated by relavely inexperienced actors, FunkSec
showed remarkable effecveness, claiming over 100
vicms with its double-extoron taccs and
AI-assisted tool development — maximizing impact,
maintaining low operaonal costs and surpassing the
efforts of established groups like Cl0p and Akira.
If many quesoned the credibility of FunkSec’s
claims, the EGAN framework showed us just how
bad things could get…
SPOTLIGHT: FunkSec - All of the Damage, None of the Experience
e.g., SSRF in AI Apps
New Aack Vectors
Model Poisoning
Prompt Injecon
Infrastructure
Supply Chain
GenAI as Target
e.g., RansomAI
Increased Aack Surface
Ecosystem
Generave AI
e.g., FunkSec
Low Barrier to Entry
Code Generaon
Evasion (EGAN)
Adapve Behavior
Social Engineering
GenAI as Aack Tool
Dual Impact of GenAI on Ransomware Operaons
The emergence of AI-assisted ransomware operaons in 2024 represented a significant shi in the
cybercrime ecosystem. As GenAI is increasingly integrated into both offensive and defensive
operaons, the threat landscape is being transformed in ways that demand immediate aenon.
AI-Powered Ransomware:
The Democrazaon of Ransomware Development
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Ransomware Index Report 2024 Securin 4
Cross-Prompt Injecon Aacks pose a parcular threat to AI systems, allowing malicious
actors to bypass security controls and manipulate AI systems into performing unauthorized
acons. Microso’s success in creang an automated scamming system using a combinaon
of large language models (LLM) and text-to-speech technologies illustrates how these
vulnerabilies could be weaponized at scale.
Cross-Prompt Injecon Aacks
The proliferaon of AI systems has created new aack surfaces that ransomware operators are
beginning to exploit. Microso's red team idenfied several crical vulnerabilies in AI infrastructure
that could be leveraged by ransomware operators:
AI Systems as High-Value Targets
90% success rate in evading detecon while encrypng files.
Adapve encrypon where RansomAI learned to opmize itself.
Automated aack process from reconnaissance to execuon.
Intelligent detecon evasion used to avoid dynamic defenses,
mechanisms, and anomaly detecon systems.
Perhaps even more concerning
than automated malware
development is the emergence
of adapve ransomware systems
like RansomAI. Created for
research purposes, in controlled
experiments, it gave some
insight into what an AI-powered
ransomware future could look
like, and it’s not prey:
RansomAI: Tesng Out Your Worst Nightmares
1
Documented by researchers, the Evoluonal Generave Adversarial Network (EGAN) framework
demonstrates the power of adversarial machine learning in creang highly evasive, polymorphic
ransomware variants. For threat actors and defenders alike, this is next level: it’s not just about
avoiding detecon, it’s about learning from each encounter and becoming more effecve.
EGAN’s success in bypassing AI-powered anvirus systems highlighted GenAI’s capacity to automate
the process of creang detecon-evasive malware. The framework demonstrates how reinforcement
learning can be used to create ransomware that dynamically adjusts its behavior to maximise damage,
while retaining stealth. The researchers’ success in bypassing commercial security soluons
underlines the growing sophiscaon of AI-assisted malware development
AI vs AI: The EGAN FrameworkAI vs AI: The EGAN Framework
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Ransomware Index Report 2024 Securin 5
While this technology enables more sophiscated aacks with lower barriers to entry, it also provides
new opportunies for defense. Proper security pracces, connuous tesng, and adapve defense
strategies are key to taking a proacve approach to emerging and evolving threats.
Maintaining strict security pracces during AI adopon, recognizing that
speed of implementaon should not compromise security.
3.
Combining automated tesng frameworks with human experse and
connuous security improvement.
2.
Developing comprehensive strategies to understand and address both
AI-enabled aacks and AI-specific vulnerabilies.
1.
In 2024, the AI threat landscape evolved beyond theory, underlining the real-world implicaons of
AI-powered ransomware. Best defense approaches include:
Key Defensive Approaches to AI-Generated Threats
2
The cybersecurity community’s response to emerging AI-ransomware and malware threats must be
mulfaceted. Microso’s open-source Python Risk Idenficaon Tool for generave AI (PyRIT)
framework is helping standardize AI red teaming pracces, enabling organizaons to adopt a
proacve approach. But, as Microso notes: “The work of securing AI systems will never be
complete.
Reality Check: For every AI model there’s a prompt that can elicit undesired behavior. Perfect
security isn’t the goal – making aacks economically unfeasible is.
Evolving Defense Strategies to Meet Emerging AI Threats
Supply chain aacks against AI systems represent another emerging threat vector. The
discovery of a Server-Side Request Forgery (SSRF) vulnerability in a video-processing GenAI
applicaon demonstrates an uncomfortable new truth: tradional security vulnerabilies
don’t just persist in AI systems, they get amplified. This finding underscores the importance
of maintaining robust security pracces even as organizaons rush to adopt AI technologies.
Supply Chain Aacks
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Ransomware Index Report 2024 Securin 6
Rank: #5
Technical Sophiscaon:
Innovaon Index:
Impact Magnitude:
ATTACKS
12%
RansomHub
The Web Master
Primary Targets:
Water Systems | Healthcare | Government
Rank: #4
Technical Sophiscaon:
Innovaon Index:
Impact Magnitude:
ATTACKS
14%
Black Basta
The Overachiever
Primary Targets:
Healthcare | Manufacturing | Infrastructure
Rank: #6
Technical Sophiscaon:
Innovaon Index:
Impact Magnitude:
ATTACKS
8%
BlackCat (ALPHV)
Healthcare
Nightmare
Primary Targets:
Healthcare | Financial
Rank: #2
Technical Sophiscaon:
Innovaon Index:
Impact Magnitude:
ATTACKS
18%
Cl0p
The Supply
Chain Sniper
Primary Targets:
IT | Manufacturing | Energy
Primary Targets:
IT | Manufacturing | Energy
Rank: #3
Technical Sophiscaon:
Innovaon Index:
Impact Magnitude:
ATTACKS
15%
Akira
The New Kid
on the Block
Primary Targets:
Educaon | Financial | Healthcare
Rank: #1
Technical Sophiscaon:
Innovaon Index:
Impact Magnitude:
ATTACKS
26%
LockBit
The Comeback Kid
Primary Targets:
Government | Manufacturing | Financial
The Top Six Notable Ransomware Operators
2024’s Most Wanted:
While AI was busy moving the goalposts, the established ransomware groups were also upping their
game. 2024 saw all of the major groups demonstrate increasing sophiscaon. Despite law
enforcement disrupon, LockBit maintained its posion as a dominant threat in ransomware. The
group’s rapid recovery following significant global crackdown showed worrying levels of resilience and
de-centralized infrastructure. Meanwhile, new ransomware groups like RansomHub and
MedusaLocker emerged, while established actors like Cl0p connued their paern of exploing file
transfer vulnerabilies. We also saw the emergence of groups focused specifically on cloud
environments, soware supply chains and crypto exchanges. Heres our analysis of the major players:
Ransomware Main Players
The Usual Suspects? Whos Aacking?
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Ransomware Index Report 2024 Securin 7
While healthcare bears the brunt of these aacks, the ripple effects extend throughout our
interconnected infrastructure. Informaon technology firms, the backbone of digital services, faced
10.3% of aacks that threatened to disrupt countless downstream organizaons. Manufacturing
facilies experienced 9.1% of aacks, creang supply chain vulnerabilies that reach far beyond
factory walls. The targeng of government facilies (8.5%) and transportaon systems (5%)
completes a troubling picture of comprehensive threats to crical infrastructure. These aren't isolated
incidents, but rather a co-ordinated assault on fundamental systems. The energy sector, though
experiencing fewer aacks, faces some of the most sophiscated threats. Notable incidents like the
Schneider Electric breach, where 1.5TB of corporate data was stolen, demonstrate how these aacks
could potenally disrupt power distribuon and crical energy infrastructure.
4
Ripple Effects Across Interconnected Infrastructure
Healthcare & Public Health
Informaon Technology
Manufacturing
Government & Public Sector
Educaon
Transportaon & Logiscs
Financial Services
Energy 2.6% of aacks
5.2% of aacks
5.3% of aacks
5.5% of aacks
9.1% of aacks
8.5% of aacks
10.3% of aacks
14.5% of aacks Communicaons
Defense
Entertainment
Food & Agriculture
Hospitality
Water & Wastewater Systems
Chemical
Dams
0.1% of aacks
0.1% of aacks
0.3% of aacks
0.4% of aacks
1% of aacks
0.9% of aacks
1% of aacks
1.6% of aacks
Severity Scale: High Low
2024 Ransomware Aacks By Industry
As Securin’s in-depth report on crical sector aacks revealed, 2024 marked a deeply concerning
paern of threats to essenal services. Our ransomware data underlines this trend, with healthcare
the most vulnerable sector at 14.5% of aacks. The sophiscaon of aacks, exemplified by groups
like LockBit and Black Basta, suggests an evoluon in taccs that poses an unprecedented challenge
to naonal security and public safety.
3
Which Sectors Are Under Aack
In The Firing Line:
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Ransomware Index Report 2024 Securin 8
What can we learn
from the data? This
mul-vectored
approach to weakness
exploitaon suggests
that aackers have a
mature understanding
of enterprise soware
vulnerabilies - and the
ability to exploit both
simple and complex
weaknesses.
CWE ID Weakness Name Count
CWE-287
CWE-119
CWE-787
CWE-288
CWE-276
CWE-306
CWE-416
CWE-22
CWE-94
5
3
3
3
2
2
2
2
2
Improper Authencaon
Improper Restricon of Operaons
within Memory Buffer
Out-of-Bounds Write
Authencaon Bypass Using Alternave Path
Incorrect Default Permissions
Missing Authencaon for Crical Funcon
Use Aer Free
Path Traversal
Code Injecon
Evolving Defense Strategies to Meet Emerging AI Threats
The exploitaon of Path Traversal (CWE-22) and Incorrect Default Permissions (CWE-276)
shows that ransomware groups are leveraging misconfiguraons and design flaws in addion
to implementaon vulnerabilies.
Misconfiguraon and Design Flaws
Including buffer operaons and out-of-bounds writes (CWE-119, CWE-787). These are
parcularly concerning because they oen lead to code execuon capabilies.
The presence of Use Aer Free (CWE-416) vulnerabilies in mulple security products
suggests that ransomware operators are also targeng more sophiscated memory
corrupon vulnerabilies that require deeper technical experse to exploit.
Memory-Related Vulnerabilies
Securin’s analysis of weaknesses exploited by ransomware in 2024 reveals a clear focus on
authencaon and access control vulnerabilies. Improper Authencaon (CWE-287) emerges as the
most commonly exploited weakness, oen paired with Authencaon Bypass (CWE-288) and
Missing Authencaon (CWE-306), indicang that ransomware aackers are primarily targeng
vulnerabilies that allow them to circumvent security controls rather than exploit memory corrupon
issues. The next most significant clusters of weakness are:
Hacker Hotspots:
Top Weaknesses Being Exploited by Ransomware Actors
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Ransomware Index Report 2024 Securin 9
For example, vulnerabilies such as Memory Buffer Operaons and Improper Input Validaon are
under-represented in MITRE’s Top 25, but dominate real-world aack paerns and exploitaon. In
fact, Memory Buffer Operaons is the most dramac under-ranking in the MITRE list: this weakness
consistently ranks as the #1 target for both threat groups and ransomware operators.
Memory-related weaknesses, such as buffer overflows and use-aer-free issues, are frequently
leveraged in sophiscated aacks due to their potenal for arbitrary code execuon and privilege
escalaon. Adversaries exploit these flaws to gain footholds in systems, deploy ransomware, and
execute remote code with elevated privileges. Security teams need to priorize vulnerabilies based
on real-world exploitaon data rather than relying solely on predefined lists.
CWE-79 (XSS)
CWE-119 (Memory Buffer)
CWE-89 (SQL Injecon)
CWE-20 (Input Validaon)
CWE-787 (Out-of-bounds)
CWE-120 (Buffer Overflow)
CWE-843 (Type Confusion)
CWE-284 (Access Control)
Common Weakness Enumeraon (CWE)
Rank
0
5
10
15
20
25
16
13
1
20
1 1
3
19
14
12
2 2 3 3
2NA
18
10
NA
13 12
NA
11
22
MITRE Rank Threat Actor Rank Ransomware Rank
Top Discrepancies: MITRE vs Threat Actor & Ransomware Rankings
Securin’s analysis of MITRE’s 2024 Top 25 Common Weakness Enumeraons (CWEs) reveals a
striking misalignment between standardized rankings and real-world exploitaon.
Discrepancies Between MITRE Rankings
and Real-World Aacks
Mind the Gap(s):
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Ransomware Index Report 2024 Securin 10
What’s notable here is the significant discrepancy between the MITRE ranking and the real-world
threat and ransomware target. Again, we see how the concept of severity vs risk comes into play
when we’re looking at MITRE Top 25 rankings whose core calculaon relies on the Common
Vulnerability Scoring System (CVSS). For example, remote code execuon vulnerabilies oen
operate as ransomware – doubling the likelihood of exploitaon. And ransomware-associated
vulnerabilies themselves are oen part of broader campaigns leveraging mulple Known Exploited
Vulnerabilies (KEVs).
The disparity between MITRE rankings and real-world exploitaon paerns suggests a need for more
dynamic and context-aware security priorizaon frameworks. They also underline challenges around
the need for context-aware rankings, resource allocaon, and the evoluon of security programs that
are flexible enough to adapt to emerging threats.
Common Weakness Enumeraon (CWE)
Rank
0
5
10
15
20
25
CWE-20 (Improper
Input Validaon)
CWE-78 (OS
Command Injecon)
CWE-416 (Use
Aer Free)
CWE-798 (Use of
Hard-coded Credenals)
CWE-1392 (Use of
Default Credenals)
CWE-284 (Improper
Access Control)
CWE-693 (Protecon
Mechanism Failure)
12
1
7
2
8
3
22
10
NA
12
NA
13
NA
14
MITRE Rank 2024 Wild Exploit Rank
Top Discrepancies: MITRE vs 2024 Exploited-in-the-Wild
The tech world has moved beyond simple web applicaons, and the cybercriminals have followed
suit. Their focus is on weaknesses that allow direct pathways to privilege escalaon, and remote code
execuon. Securins analysis of MITRE’s top 25 CWEs in their real-world context underlines this
reality: as the graph below shows, Buffer Overflow, Type Confusion, and Access Control weaknesses
have become more lucrave for threat actors than XSS and SQL Injecon.
The Implicaons of MITRE Ranking
Disparies for Ransomware
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Ransomware Index Report 2024 Securin 11
The prominence of “Exploing Trust in Client” and “OS Command Injecon” (see table above)
indicates that aackers are primarily targeng vulnerabilies that allow them to bypass security
controls and execute malicious commands with elevated privileges.
CAPEC ID Aack Paern Name Count
CAPEC-22
CAPEC-88
CAPEC-127
CAPEC-242
CAPEC-114
CAPEC-115
CAPEC-76
CAPEC-79
CAPEC-650
6
6
5
4
4
4
4
4
4
Exploing Trust in Client
OS Command Injecon
Directory Indexing
Code Injecon
Authencaon Abuse
Authencaon Bypass
Manipulang Web Input to File System Calls
Using Slashes in Alternae Encoding
Upload a Web Shell to a Web Server
CAPEC-43 4
Exploing Mulple Input Interpretaon Layers
The aack paerns for ransomware in 2024 were characterized by sophiscated exploitaon
strategies, focused on circumvenng authencaon and gaining remote code execuon capabilies.
Most Common Aack Paerns (CAPECs)
Referenced in 2024 Ransomware CVEs
CVE-2024-51568 (CyberPanel) and CVE-2024-1709 (ConnectWise ScreenConnect)
were among the most exploited vulnerabilies.
Mulple ransomware groups, including LockBit, Black Basta, and BlackCat, targeted
CVE-2024-1709, indicang a rapid exploit-sharing culture.
Cleo Harmony (CVE-2024-55956) exploitaon by Clop reflects a connued focus on file
transfer system vulnerabilies
JetBrains TeamCity (CVE-2024-27198) was exploited to compromise soware
development and deployment pipelines, shiing towards soware supply chain aacks.
New CVEs Exploited by Ransomware in 2024
Key Trends in Paerns, Taccs, & Techniques
Cracking the Code:
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Post-compromise acvies show a strong
emphasis on discovery operaons (T1082,
T1083), indicang that ransomware groups are
spending more me mapping networks before
deploying payloads.
Post-Compromise:
Inial access is primarily gained through
exploing public-facing applicaons (T1190),
followed by the high frequency of
stolen/compromised credenals abuse (T1078)
and external remote service exploitaon
(T1133).
Inial Access:
Again, we’re seeing a sophiscated aack cycle, combining opportunisc scanning with targeted
aacks emphasizing discovery, persistence and evasion of defenses:
Top Ransomware ATT&CK Taccs & Techniques 2024
Our analysis suggests ransomware groups are increasingly adopng
APT-like taccs, moving beyond simple encrypon tools to sophiscated
mul-stage aacks that leverage a diverse range of aack paerns.
3. Advanced Persistent Threat (APT) Taccs:
The increased frequency of authencaon abuse/bypass alongside
command injecon techniques demonstrates a taccal progression: bypass
security controls, then achieve code execuon. More complex paerns like
"Exploing Mulple Input Interpretaon Layers" indicates that
ransomware operators have developed sophiscated technical capabilies
and are able to chain mulple aack techniques together effecvely.
2. Authencaon-Related Aack Paerns (Authencaon Abuse & Bypass):
An emerging trend, with aackers leveraging mulple encoding methods
to bypass security controls. The combinaon of Directory Indexing aacks
with Web Shell uploads suggests a systemac approach to persistence
once inial access is gained.
1. Manipulaon of Web-Based Inputs and Directory Traversal Techniques:
Ransomware Index Report 2024 Securin 12
Securin’s research reveals addional significant aack paern trends:
Key Trends in Ransomware Aack Paerns 2024
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Ransomware Index Report 2024 Securin 13
Move beyond reliance on CVSS/MITRE rankings alone.
Implement context-aware vulnerability management considering ransomware likelihood.
Priorize weaknesses commonly exploited in ransomware aacks in your sector.
Monitor for exploitaon chains rather than isolated vulnerabilies.
Revise Vulnerability Priorizaon Frameworks:
4.
Healthcare organizaons: Focus on clinical system segmentaon and resilience.
Manufacturing: Implement OT/IT network separaon with monitored interfaces.
Government: Deploy advanced EDR soluons with behavioral analysis.
Financial services: Enhance monitoring for novel lateral movement techniques.
Develop Sector-Specific Defense Strategies:
3.
Deploy exploit prevenon systems focused on memory corrupon vulnerabilies.
Implement memory protecon tools like Control Flow Guard (CFG) and Address Space
Layout Randomizaon (ASLR).
Priorize patching of memory-related vulnerabilies idenfied in this report (CWE-119,
CWE-787, CWE-416).
Enhance MemoryProtecon Mechanisms:
2.
Implement MFA across all systems, especially for privileged accounts and remote access.
Deploy connuous monitoring for suspicious authencaon aempts.
Implement privileged access management (PAM) soluons.
Consider Zero Trust architecture as a strategic goal.
Priorize Authencaon & Access Control Vulnerabilies:
1.
With all proacve security strategies, knowing your aack surface is half the bale. Here are seven
concrete acons that defenders can take to migate the ransomware risks we’ve just looked at.
Taking Acon:
Best Pracces to Defend Against Ransomware
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
Ransomware Index Report 2024 Securin 14
Develop GenAI-Aware Security Programs:
Conduct red team exercises specifically targeng AI systems.
Implement security controls for AI development and deployment pipelines.
Establish monitoring for potenal prompt injecon aacks and AI-targeng.
Maintain strict access controls on AI training data and model parameters.
Adopt an APT-Focused Defensive Posture:
Implement connuous threat hunng for persistent threats.
Deploy decepon technology to detect stealthy reconnaissance acvies.
Monitor for living-off-the-land techniques using legimate system tools.
Enhance visibility into lateral movement and privilege escalaon aempts.
Establish Comprehensive Recovery Capabilies:
Implement immutable backups beyond ransomware reach.
Conduct regular recovery tesng simulang sophiscated ransomware scenarios.
Develop staged restoraon procedures priorizing crical business funcons.
Create offline incident response playbooks for ransomware scenarios.
Strategic Defensive Posioning
Ransomware Best Pracces:
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns
securin.io
Follow Us On
At Securin, we empower teams and organizaons to minimize their business risk
with our comprehensive range of offensive cybersecurity soluons. These
soluons are carefully craed to be intuive, adaptable, and scalable, catering to
organizaons of all sizes in today's ever-changing digital landscape. Securin's
human-augmented intelligence approach to cybersecurity empowers organizaons
to thrive by proacvely addressing emerging threats and uncertaines, ensuring
their security.
About Securin
Ransomware Index Report 2024 Securin 1
4 Schneider Electric Breach: hps://www.bleepingcomputer.com/news/security/cactus-ransomware-claim-to-steal-15tb
-of-schneider-electric-data/
2 CISA Sectors Crical Infrastructure 2024: hps://www.securin.io/cisa-sectors-crical-infrastructure-2024-download/
3 Python Risk Idenficaon Tool for generave AI:
hps://www.securin.io/cisa-sectors-crical-infrastructure-2024-download/
1 Evoluonal Generave Adversarial Network (EGAN): hps://arxiv.org/pdf/2405.12266
References
Introducon Best PraccesGen AI Threat Actors Top Weaknesses Aack Paerns