Zscaler has released its annual ThreatLabz 2024 Ransomware Report, examining the ransomware threat landscape from April 2023 to April 2024. The report explores emerging trends, attack targets, ransomware types, and best defense strategies.

The United States has been the most affected country, with nearly 50% of incidents globally. The top ten countries targeted by ransomware include: the United States (50%), the United Kingdom (6%), Germany (4%), Canada (4%), France (3%), Italy (3%), Australia (2%), Spain (2%), India (1.5%) and Mexico (1.5%). Spain is ranked eighth on the list, behind Australia and ahead of India, with approximately 2% of attacks. Among the changes observed in the top 15 target countries and in the EMEA region, Spain has seen a 72% change in ransomware attacks between 2023 and 2024.

Comparing year-over-year attack increases, the United States, Italy, and Mexico have seen the largest increases, with increases of 93%, 78%, and 58%, respectively.

“Ransomware defense remains a top priority for CISOs in 2024. The increasing use of ransomware-as-a-service models; numerous zero-day attacks on legacy systems; the rise in vishing attacks; and the emergence of AI-driven attacks have led to record-breaking ransom payments. This is where an AI-powered Zero Trust platform like Zscaler helps enterprises accelerate their segmentation journey, reducing the blast radius and closing off unknown vectors for future AI-driven attacks,” said Deepen Desai, Chief Security Officer at Zscaler.

Ransomware: Record in ransom payments

In this context, researchers detected a new record in ransom payments, with $75 million paid to the Dark Angels ransomware group, almost double the largest publicly known ransom. In addition, attacks blocked by Zscaler’s cloud have grown by 18% compared to the previous year. ThreatLabz warns that Dark Angels’ success may motivate other groups to use similar tactics, making it urgent to strengthen protection against these increasingly costly attacks.

“Protecting against ransomware remains a key priority for CISOs in 2024. The rise of Ransomware-as-a-Service models, zero-day attacks on outdated systems, increased vishing, and AI-driven attacks have caused ransomware to reach record numbers. Enterprises must prioritize a Zero Trust security architecture, like the one offered by Zscaler, to minimize risks and mitigate future AI-driven attacks,” said Deepen Desai, Chief Security Officer at Zscaler.

Most affected sectors in Spain

Ransomware poses a significant risk to businesses across all sectors. In Spain, the manufacturing industry has been the most affected, accounting for 20% of attacks. This is followed by the technology, real estate and healthcare industries, each accounting for 7% of attacks.

Each sector faces specific challenges from ransomware, depending on its operation, data management, and IT infrastructure. Despite these differences, extortion attacks have been on the rise, with a 58% growth in the number of victims listed on data breach sites compared to last year’s report. The most affected sectors globally have been: manufacturing, healthcare, technology, education, and financial services.