The Cyber Threat Landscape Evolves in 2024: Decline in Ransomware, Infostealing Surges

The Cyber Threat Landscape Evolves in 2024: Decline in Ransomware, Infostealing Surges | CyberPro Magazine


IBM X-Force’s latest report not only sheds light on the evolving cyber threat landscape but also delves deeper into the underlying factors driving these changes like decline in ransomware. With a comprehensive analysis of over 150 billion security events daily across 130 countries, the report provides valuable insights into the emerging trends shaping cybersecurity strategies worldwide.

Decline in Ransomware, Rise in Infostealing

The decline in ransomware incidents, while seemingly positive, comes with nuances that paint a more complex picture. Traditional ransomware attacks, characterized by encryption tactics, have indeed decreased by 11.5%. However, a parallel trend of rising info-stealing activities indicates a strategic shift among cybercriminals. Instead of relying solely on encrypting files for ransom, attackers are now opting to exfiltrate sensitive data and leverage it for extortion purposes. This adaptation reflects a response to the growing reluctance of organizations to pay decryption ransoms, signaling a need for more sophisticated approaches to cyber extortion.

Growing Cloud and Critical Infrastructure Attacks

In tandem with the decline in ransomware, attacks targeting cloud services and critical infrastructures are on the ascent. Nearly 70% of cyber assaults globally are aimed at critical systems, highlighting the vulnerability of essential infrastructure to malicious actors. Europe remains a focal point of these attacks, bearing the brunt of 32% of all cyber onslaughts. The alarming surge in attacks utilizing valid credentials—up by a staggering 71%—underscores the urgent need for enhanced authentication and access control measures to thwart unauthorized entry into organizational networks.

Geopolitical Tensions Fuel Cyberwarfare

Against the backdrop of escalating global tensions, cyber warfare has emerged as a potent tool for state-affiliated groups and political activists. The ongoing conflicts in regions such as Ukraine and Gaza have catalyzed cyber aggression, with groups like Hive0051 intensifying their activities. Employing sophisticated techniques such as multichannel DNS fluxing and fileless PowerShell variants, these actors pose a significant threat to national security and critical infrastructure.

Looming AI Threat

While the immediate deployment of AI in malicious campaigns remains speculative, the growing interest of cybercriminals in AI technologies portends a looming threat. Despite the absence of concrete evidence, the report warns of the inevitability of AI-driven attacks as the technology achieves market dominance. Historically, cybercriminals have capitalized on emerging technologies such as ransomware, BEC, and crypto-jacking once they attain widespread adoption—a trend likely to repeat with AI.

Addressing Emerging Threats

In response to the evolving threat landscape, organizations must adopt proactive cybersecurity measures to safeguard against emerging risks effectively. Securing AI/ML models from supply chain attacks is paramount, given the proliferation of vulnerable open-source models lacking robust security controls. Moreover, vigilant monitoring and rapid response mechanisms are essential to detect and mitigate cyber threats before they inflict substantial damage.


As cyber threats continue to evolve in complexity and sophistication, the imperative for organizations to prioritize cybersecurity resilience and preparedness cannot be overstated. By staying abreast of emerging trends and implementing robust defense mechanisms, businesses can mitigate the risks posed by ransomware, infostealing, and other cyber threats, thereby safeguarding their critical assets and maintaining operational continuity in an increasingly digital landscape.

Also Read: The Evolution of Ransomware Attacks: A Growing Threat in the Cyber Arms Race