AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Worrying increase in ransomware attacks in 2023

The sectors most affected and the implications for cybersecurity

Corvus Insurance report shows that ransomware attacks increased by 95% in 2023 compared to the previous year. CL0P Group was responsible for much of the activity, but other industries such as law firms, government agencies and the oil sector saw significant increases. It is essential to implement adequate security controls to mitigate this threat.

This pill is also available in Italian language

Corvus Insurance, the leading cyber insurance underwriter powered by a proprietary AI-powered cyber risk platform, has released its Q3 2023 Global Ransomware Report, which analyzes data from ransomware leak platforms to monitor trends in evolution. According to the report, ransomware attacks continue at a record pace, with global ransomware attack frequency in Q3 2023 increasing 11% compared to Q2 and 95% year-over-year (YoY).

Rise of the CL0P Group

The CL0P ransomware group played a leading role in this surge in ransomware activity in 2023. CL0P emerged in the first quarter leveraging the GoAnywhere file transfer software, affecting more than 130 victims. In the second quarter, CL0P struck again by independently using one of its zero-day exploits within the MOVEit file transfer software, affecting 264 victims at the time of this report. This single MOVEit vulnerability accounted for 9% of victims listed in Q2 and 13% of victims listed in Q3. Even without these spikes in attack activity from CL0P, ransomware numbers would still have increased 5% over the second quarter and 70% year-over-year in the third quarter.

Cutting summer break by threatening actors

Typically, ransomware follows seasonal patterns, with a decline in incidents in early May and a low level until early August. Largely driven by CL0P, this year's decline in attacks occurred later in June and, rather than continuing to decline, increased and remained high through the first half of August. Even without CL0P, ransomware activity would still have seen a 70% increase over the previous year.

Growth of key industries

The third quarter report also looks at the industries that saw the biggest spikes in ransomware activity. These include law firms – an increase due in part to the ALPHV ransomware group, which accounted for nearly a quarter of all victims in this sector (+70%). Government agencies were hit by LockBit, which tripled the number of government fatalities from the second to the third quarter (mostly cities and municipalities) (+95%). Other industries that saw spikes include manufacturing (+60%), oil and gas (+142%) and transportation, logistics and warehousing (+50%). "Ransomware actors can quickly change targets, and no industry is immune. There is no better time to ensure the proper security controls are in place to mitigate the threat," Rebholz said.

Follow us on Facebook for more pills like this

10/24/2023 22:47

Marco Verro

Last pills

Zero-day threat on Android devices: Samsung prepares a crucial updateFind out how Samsung is addressing critical Android vulnerabilities and protecting Galaxy devices from cyber threats

CrowdStrike: how a security update crippled the tech worldGlobal impact of a security update on banking, transportation and cloud services: what happened and how the crisis is being addressed

Checkmate the criminal networks: the Interpol operation that reveals the invisibleFind out how Operation Interpol exposed digital fraudsters and traffickers through extraordinary global collaboration, seizing luxury goods and false documents

Google Cloud security predictions for 2024: how AI will reshape the cybersecurity landscapeFind out how AI will transform cybersecurity and address geopolitical threats in 2024 according to Google Cloud report