GRF analysts recently completed the semiannual ransomware report covering the second half of 2024. The report series tracks attacks based on public sources and conversations of threat actors in closed forums. Analysts compiled data on 2,250 successful attacks. Some key findings:

• Manufacturing was again the most targeted industry with 322 victims. The next most targeted sector was Commercial Facilities with 307.

• This is the sixth report in a row in which Manufacturing has been the most targeted industry.

• Ransomhub was the most prolific actor with 297 successful attacks, overtaking LockBit after its prosecution by law enforcement.

• The United States was targeted by 62% of all ransomware attacks tracked by GRF analysts, with 19% directed at companies within the EU and UK.

• AI tools are improving ransomware and its delivery, aiding in targeting, the quality of phishing emails, and hampering detection of delivered payloads.