Connect with us

Hi, what are you looking for?

HEADLINES

Every third cyber incident was due to ransomware, Kaspersky reports

The data indicated a staggering 30% global increase in the number of these groups compared to 2022, accompanied by a 71% surge in known victims of their attacks.

Ahead of International Anti-Ransomware Day on May 12, Kaspersky’s latest research reveals a concerning trend in the global cybersecurity landscape, with ransomware attacks accounting for every third cyber incident in 2023.

The report sheds light on the escalating threat of targeted ransomware groups, which have seen a 30% increase globally compared to 2022, along with a 71% surge in known victims.

Kaspersky’s research, covering 2022 and 2023, revealed a worrisome escalation in targeted ransomware groups. The data indicated a staggering 30% global increase in the number of these groups compared to 2022, accompanied by a 71% surge in known victims of their attacks. Unlike random assaults, these targeted groups set their sights on government agencies, prominent organizations, and specific individuals within enterprises. As cybercriminals continue to orchestrate sophisticated and extensive attacks, the threat to cybersecurity grows ever more pronounced.

In 2023, Lockbit 3.0 emerged as the most prevalent ransomware, leveraging a builder leak in 2022 to spawn custom variants targeting organizations worldwide. BlackCat/ALPHV ranked second, until December 2023, when a collaborative effort by the FBI and other agencies disrupted its operations. However, BlackCat quickly rebounded, underscoring the resilience of ransomware groups. Third on the list was Cl0p, which breached the managed file transfer system MOVEIt, impacting over 2.5 thousand organizations by December 2023, according to New Zealand security firm Emsisoft.

Advertisement. Scroll to continue reading.

In its 2023 State of Ransomware report, Kaspersky also identified several noteworthy ransomware families, including BlackHunt, Rhysida, Akira, Mallox, and 3AM. Moreover, as the ransomware landscape evolves, smaller, more elusive groups are emerging, posing new challenges to law enforcement. According to the research, the rise of Ransomware-as-a-Service (RaaS) platforms further complicated the cybersecurity landscape, emphasizing the need for proactive measures.

Kaspersky’s incident response team noted that ransomware incidents accounted for every third cybersecurity incident in 2023. In the research, attacks via contractors and service providers emerged as prominent vectors, facilitating large-scale assaults with alarming efficiency.

Overall, ransomware groups demonstrated a sophisticated understanding of network vulnerabilities, utilizing a variety of tools and techniques to achieve their objectives. They used well-known security tools, and exploited public-facing vulnerabilities and native Windows commands to infiltrate their victims, highlighting the need for robust cybersecurity measures to defend against ransomware attacks and domain takeovers.

“As ransomware-as-a-service proliferates and cybercriminals execute increasingly sophisticated assaults, the threat to cybersecurity becomes more acute. Ransomware strikes persist as a formidable menace, infiltrating critical sectors and preying on small businesses indiscriminately. To combat this pervasive threat, it’s imperative for individuals and organizations to fortify their defenses with robust cybersecurity measures. Deploying solutions such as Kaspersky Endpoint Security and embracing Managed Detection and Response (MDR) capabilities are pivotal steps in safeguarding against evolving ransomware threats,” commented Dmitry Galov, head of research center, Kaspersky’s GReAT.

Read the full report on the State of ransomware at Securelist.com.

Advertisement. Scroll to continue reading.

On May 12 – Anti-Ransomware Day – Kaspersky is urging organizations to adhere to these best practices aimed at safeguarding their operations against ransomware attacks:

  • Always keep software updated on all your devices to prevent attackers from exploiting vulnerabilities and infiltrating your network.
  • Focus your defense strategy on detecting lateral movements and data exfiltration to the internet. Pay special attention to outgoing traffic to detect cybercriminals’ connections to your network. Set up offline backups that intruders cannot tamper with. Make sure you can access them quickly when needed or in an emergency.
  • Enable ransomware protection for all endpoints. There is a free Kaspersky Anti-Ransomware Tool for Business that shields computers and servers from ransomware and other types of malware, prevents exploits and is compatible with already installed security solutions.
  • Install anti-APT and EDR solutions, enabling capabilities for advanced threat discovery and detection, investigation and timely remediation of incidents. Provide your SOC team with access to the latest threat intelligence and regularly upskill them with professional training. All of the above is available within Kaspersky Expert Security framework.
  • Provide your SOC team with access to the latest threat intelligence (TI). The Kaspersky Threat Intelligence Portal is a single point of access for Kaspersky’s TI, providing cyberattack data and insights gathered by our team for over 20 years. To help businesses enable effective defenses in these turbulent times, Kaspersky has announced access to independent, continuously updated and globally sourced information on ongoing cyberattacks and threats, at no charge. Request access to this offer here.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

With the e-Commerce market projected to hit $24 billion by 2025, foodpanda sees significant growth potential in the local digital space.

HEADLINES

Emperador’s move to cashless payments reduces cash-handling risks, improves transaction speed, and enables the sales teams and retailers to focus on business growth and...

HEADLINES

inDrive gave away more than Php 1.1 million worth of rewards to its partner drivers which included a Honda ADV 160 motorcycle as the...

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

A leveled-up 5G connectivity, Smart 5G Max features significantly faster speeds for uploading and downloading, and ultra-low latency, providing customers with amazing mobile experiences.

HEADLINES

The project is expected to increase Asialink’s total loans to SMEs from Php 8.8 billion (around $150 million) to around Php 13 billion, with...

HEADLINES

The partnership enables MCU to integrate Fortinet’s Network Security Expert (NSE) training and certification program into its academic offerings, either as part of the curriculum or...

Advertisement