2024 Ransomware Threat Insights Report

This report presents insights into ransomware threats based on data collected by AIG from January 2021 to December 2023. It outlines the vulnerabilities leading to ransomware incidents, noting that over 60% are linked to weak user privileges. The report details the leading causes of incidents, highlighting phishing and Common Vulnerabilities and Exposures (CVE) as primary attack vectors, with 45% of organizations reporting CVE exploitation as the initial attack vector in 2023. Additionally, the report emphasizes the importance of managing privileged accounts and conducting regular audits to adhere to the principle of least privilege. It also discusses the impact of ransomware on business interruption, indicating a 65% increase in average critical business interruption loss of hours when backup data is affected. The findings are based on a sample of 344 organizations, primarily with annual revenues exceeding $100 million, and provide a framework for improving vulnerability management and incident response strategies.