FEATURE : RANSOMWARE prevented by proactive measures and the right security technologies .”
In light of Check Point ’ s research , computer and network security leader , JUMPSEC , has also revealed research outlining ransomware attacks rising again .
In its latest report , JUMPSEC revealed that attackerreported ransomware attacks increased by 87 % in the UK and 37 % globally in the first half of 2023 . This follows reports of ransomware growth slowing at the end of 2022 . Victims refusing to pay , higher security spending , or threat actors focusing on Russia-Ukraine were all theories for the slowdown .
JUMPSEC now expects 2023 to be the most prolific year for ransomware , surpassing the previous highs of 2021 . JUMPSEC identified 436 attacks worldwide in July 2023 , 20 % higher than the previous all-time high caused by Log4j in 2021 .
The mass exploitation of software vulnerabilities is perhaps the most clear-cut contributing factor to the rise of ransomware attacks in 2023 . Several vulnerabilities discovered in widely used platforms have contributed to rising attack figures ( Rackspace , Zimbra and most notably the MOVEit ).
Analysis shows that Lockbit is still the most prevalent ransomware variant in 2023 , however , Cl0p ransomware , which claims the MOVEit breach , has increased its impact significantly and could be on course to challenge Lockbit as the most prevalent ransomware .
The UK is the most targeted country outside the US and 20 % of European ransomware attacks occur there . While Russian-aligned hacktivist organisations threaten DDoS assaults against the UK , theoretically making UK businesses more susceptible , such attention-grabbing hacktivism is unlikely to have a significant impact .
“ We have observed a trend towards the increased personalisation of attacks , which could indicate victims have become less inclined to pay ransoms , causing attackers to exert greater pressure ,” said JUMPSEC ’ s Researcher , Sean Moran . “ Unfortunately , recent reports of rising Cryptocurrency profits by known ransomware threat actors suggests that attacker negotiation tactics have been effective . Organisations need to continually refine their response to cyber extortion as attackers develop new strategies around mass exploitation of software vulnerabilities , data exfiltration , while becoming increasingly personal by targeting individuals and senior leadership within victim organisations .”
JUMPSEC threat intelligence analysts track global ransomware activity using a mixture of manual investigation and automated bots to search or ‘ scrape ’ the public-facing domains of ransomware threat actors . The raw data is then enriched by investigating the geographic location , industry sector , size and financial profile of each targeted organisation . p
Another 2023 trend reported by JUMPSEC is the increased exploitation of the financial services , insurance and IT sectors , both globally and within the UK . With organisations increasingly opting only to exfiltrate data as leverage for extortion these sectors are becoming increasingly lucrative targets . Large UKbased companies such as Aon , Deloitte and PWC were all targeted in the MOVEit attack and are representative of the types of organisations that have experienced higher attack rates .
Another explanation for rising attack figures is simply the proliferation of more ransomware variants as JUMPSEC has monitored 20 % more ransomware groups in 2023 than in 2022 .
According to the analysis , successful groups continue to prioritise big game hunting . In 2023 , BlackCat ( ALPHV ) and CL0P are the most common ransomware groups targeting UK organisations with £ 10 million in bank assets , replacing Karakurt as the most common ransomware against large organisations .
www . intelligentcio . com INTELLIGENTCIO EUROPE 57