Record Year for Global Ransomware Incidents – Report | Insurance business America
Activity exceeded the previous year’s total
Cyber
By Abigail Adriatico
According to a report from Corvus Insurance (Corvus), a cyber insurer, ransomware activity in 2023 exceeded the total recorded in 2022 by 68%.
Corvus’ Q4 2023 Ransomware Report found that ransomware attacks occurred at a record-breaking pace in 2023. It showed that ransomware attacks increased in the first three quarters of the year and only decreased slightly in the final quarter.
“While ransomware activity reached an all-time high in 2023, the real story here is the incredible impact law enforcement had on these groups as the year ended,” said Jason Rebholz, CISO, Corvus Insurance.
In the fourth quarter, international law enforcement agencies managed to take down ALPHV/BlackCat, which identified Corvus as one of the most prolific ransomware gangs.
Qakbot, a ubiquitous malware used to gain access to victims’ networks, was also removed. It was the most frequently observed malware family distributed via email in the third quarter of 2023. It accounted for 31% of total ransomware volume in the third quarter.
These measures resulted in ransomware attacks decreasing by 7% in the final quarter of 2024 compared to the third quarter, counting 1,278 victims. However, the number was still a significant increase compared to the previous year.
“Unfortunately there is no time to celebrate. Threat actors are resilient and have pivoted quickly to new malware, meaning everyone must remain vigilant in their commitment to mitigating these threats,” said Rebholz.
The number of active ransomware groups increased by 34% between the first and last quarters of 2023 as well-known groups made their proprietary encryptors available on the dark web.
“While many will remember 2023 for the record-breaking number of ransomware attacks, what is equally remarkable is the resilience of threat actors who quickly leveraged new forms of malware to secure initial access despite increasing law enforcement action,” he said Rebholz .
This move by ransomware groups allowed 10 new ransomware groups to use Babuk’s encryption program, which was leaked last year. Larger defunct groups also began forming splinter groups, increasing the number of ransomware gangs.
“As we move into 2024, we will undoubtedly see much of the same activity as criminals continue to attack, transform, rebrand and strike again. Companies should remain prepared with enhanced security controls and cyber insurance to minimize risks,” said Rebholz.
In total, there were 4,496 leak sites that fell victim to ransomware attacks in 2023, a significant increase from 2,670 in 2022 and 3,048 in 2021.
The Corvus Insurance Q4 2023 ransomware report was created using data from eCrime.ch and Malware Bazaar. These are ransomware leak sites run by ransomware groups that publish uncooperative victims and stolen data.
What do you think about this story? Share them in the comments below.
similar posts
Stay up to date with the latest news and events
Join our mailing list, it’s free!
Source link
2024-02-02 11:02:18
www.insurancebusinessmag.com
