Of all Dutch businesses and organisations that fell victim to ransomware in 2024, the ICT sector was hit hardest, according to the Ransomware Annual Report 2024. The willingness to pay ransom, the report further states, was at 29%. We summarised the most notable trends.
Ransomware is a type of malware that attackers use to invade computers and encrypt -or hold hostage- files. Attackers then demand a ransom from their victims in return for decrypting the files. The Digital Trust Centre (DTC) identified the following notable trends:
- At 24%, almost double to the previous year, the ICT sector was the most affected industry. Following sectors were trade (20%) and manufacturing (13%).
- 38% of all attacks occurred via account takeover (ATO). During the ATOs, the attackers assumed full control of the targeted accounts, oftentimes using stolen login credentials.
- 29% of victims paid ransom, which is an increase of 11% compared to 2023.
- In 2023, the number of ransomware incidents reported was 147. This number dropped to 121 in 2024. Of these incidents, 76 were disclosed through police reports and 20 through incident response services.
- Ransomware group Cactus accounted for many of the Dutch victims by exploiting a vulnerability within the Qlik Sense Server (in Dutch).
Project Melissa
The Ransomware Annual Report 2024 (available in Dutch) was published by Project Melissa, a partnership of the Netherlands Public Prosecution Service (OM), Dutch national police, the National Cyber Security Centre (NCSC) and cyber security firms affiliated to Cyberveilig Nederland. The incidents information in the report is based on data supplied by the NCSC, the police and a total of 9 security services. Tips on how to reduce cyber threats to businesses can be found in The 5 Basic Principle of Running a Secure Digital Business.
