Activity surpassed the full seen within the prior yr
Ransomware exercise for 2023 had surpassed the full quantity recorded in 2022 by 68%, in accordance with a report by Corvus Insurance (Corvus), a cyber underwriter.
Corvus’ This fall 2023 Ransomware Report discovered that ransomware assaults occurred at a record-setting tempo throughout 2023. It revealed that for the primary three quarters of the yr, ransomware assaults had been growing, solely barely declining by the final quarter.
“While ransomware activity spiked to an all-time high in 2023, the real story here is the incredible impact law enforcement had on these groups as we closed out the year,” mentioned Jason Rebholz, CISO, Corvus Insurance.
International regulation enforcement exercise in This fall was capable of take down ALPHV/BlackCat, which Corvus recognized as probably the most prolific ransomware gangs.
Qakbot, a pervasive malware that was used to realize entry to networks of victims, was additionally eradicated. It was essentially the most generally noticed malware household unfold by means of e-mail within the third quarter of 2023. It accounted for 31% of the full ransomware quantity seen in Q3.
These actions allowed the final quarter of 2024 to see a 7% drop in ransomware assaults from the third quarter, amounting to 1,278 victims. However, the quantity was nonetheless a notable improve from the earlier yr.
“Unfortunately, there’s no time to celebrate. Threat actors are resilient and have quickly pivoted to new malware, which means everyone must remain vigilant in their commitment to mitigating these threats,” mentioned Rebholz.
The variety of lively ransomware teams elevated by 34% between the primary and final quarter of 2023, as a consequence of well-known teams making their proprietary encryptors accessible on the darkish net.
“While many will remember 2023 for its record-setting number of ransomware attacks, what is equally noteworthy is the resiliency of threat actors who, despite growing action from law enforcement, were quick to use new forms of malware to secure initial access,” mentioned Rebholz.
This transfer by ransomware teams allowed 10 new ransomware teams to make use of Babuk’s encryptor, which was leaked final 2021. Larger defunct teams additionally started the formation of splinter teams, growing the variety of ransomware gangs.
“Throughout 2024, we will undoubtedly witness much of the same activity, as criminals continue to attack, shift, re-brand, and strike again. Businesses should remain prepared with enhanced security controls and cyber insurance policies to help minimize risk,” mentioned Rebholz.
In complete, 2023 noticed 4,496 leak web site victims of ransomware assaults, which was a substantial improve from 2,670 in 2022 and three,048 in 2021.
Corvus Insurance’s This fall 2023 Ransomware Report was made with the info from eCrime.ch and Malware Bazaar, that are ransomware leak websites maintained by ransomware teams the place uncooperative victims and stolen knowledge are posted.
What are your ideas on this story? Share them within the feedback under.
Related Stories
Keep up with the most recent information and occasions
Join our mailing listing, it’s free!
