AI DevwWrld Chatbot Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Middle East Low Code No Code Summit TimeAI Summit

Worrying increase in ransomware attacks in 2023

The sectors most affected and the implications for cybersecurity

Corvus Insurance report shows that ransomware attacks increased by 95% in 2023 compared to the previous year. CL0P Group was responsible for much of the activity, but other industries such as law firms, government agencies and the oil sector saw significant increases. It is essential to implement adequate security controls to mitigate this threat.

Contribute to spreading the culture of prevention!
Support our cause with a small donation by helping us raise awareness among users and companies about cyber threats and defense solutions.

This pill is also available in Italian language

Corvus Insurance, the leading cyber insurance underwriter powered by a proprietary AI-powered cyber risk platform, has released its Q3 2023 Global Ransomware Report, which analyzes data from ransomware leak platforms to monitor trends in evolution. According to the report, ransomware attacks continue at a record pace, with global ransomware attack frequency in Q3 2023 increasing 11% compared to Q2 and 95% year-over-year (YoY).

Rise of the CL0P Group

The CL0P ransomware group played a leading role in this surge in ransomware activity in 2023. CL0P emerged in the first quarter leveraging the GoAnywhere file transfer software, affecting more than 130 victims. In the second quarter, CL0P struck again by independently using one of its zero-day exploits within the MOVEit file transfer software, affecting 264 victims at the time of this report. This single MOVEit vulnerability accounted for 9% of victims listed in Q2 and 13% of victims listed in Q3. Even without these spikes in attack activity from CL0P, ransomware numbers would still have increased 5% over the second quarter and 70% year-over-year in the third quarter.

Cutting summer break by threatening actors

Typically, ransomware follows seasonal patterns, with a decline in incidents in early May and a low level until early August. Largely driven by CL0P, this year's decline in attacks occurred later in June and, rather than continuing to decline, increased and remained high through the first half of August. Even without CL0P, ransomware activity would still have seen a 70% increase over the previous year.

Growth of key industries

The third quarter report also looks at the industries that saw the biggest spikes in ransomware activity. These include law firms – an increase due in part to the ALPHV ransomware group, which accounted for nearly a quarter of all victims in this sector (+70%). Government agencies were hit by LockBit, which tripled the number of government fatalities from the second to the third quarter (mostly cities and municipalities) (+95%). Other industries that saw spikes include manufacturing (+60%), oil and gas (+142%) and transportation, logistics and warehousing (+50%). "Ransomware actors can quickly change targets, and no industry is immune. There is no better time to ensure the proper security controls are in place to mitigate the threat," Rebholz said.

Follow us on Google News for more pills like this

10/24/2023 22:47

Editorial AI

Last pills

Global blow to cybercrime: a major ransomware network has fallenCybercriminal organization busted: a success for global cybersecurity

Crisis in aviation: Rosaviatsia targeted by cyberattackCyber attack exposes vulnerability of Russian aviation sector

Introduction to the new SysJoker threatIn-depth analysis reveals evolutions and risks of SysJoker cross-platform malware

Cybersecurity strategies compared between Taiwan and JapanStrengthening digital defenses in the information age