Skip to main content

Every third cyber incident was due to ransomware, Kaspersky reports


 Ahead of International Anti-Ransomware Day on May 12, Kaspersky's latest research reveals a concerning trend in the global cybersecurity landscape, with ransomware attacks accounting for every third cyber incident in 2023. The report sheds light on the escalating threat of targeted ransomware groups, which have seen a 30% increase globally compared to 2022, along with a 71% surge in known victims.

Kaspersky's research, covering 2022 and 2023, revealed a worrisome escalation in targeted ransomware groups. The data indicated a staggering 30% global increase in the number of these groups compared to 2022, accompanied by a 71% surge in known victims of their attacks. Unlike random assaults, these targeted groups set their sights on government agencies, prominent organizations, and specific individuals within enterprises. As cybercriminals continue to orchestrate sophisticated and extensive attacks, the threat to cybersecurity grows ever more pronounced.

In 2023, Lockbit 3.0 emerged as the most prevalent ransomware, leveraging a builder leak in 2022 to spawn custom variants targeting organizations worldwide. BlackCat/ALPHV ranked second, until December 2023, when a collaborative effort by the FBI and other agencies disrupted its operations. However, BlackCat quickly rebounded, underscoring the resilience of ransomware groups. Third on the list was Cl0p, which breached the managed file transfer system MOVEIt, impacting over 2.5 thousand organizations by December 2023, according to New Zealand security firm Emsisoft.

In its 2023 State of Ransomware report, Kaspersky also identified several noteworthy ransomware families, including BlackHunt, Rhysida, Akira, Mallox, and 3AM. Moreover, as the ransomware landscape evolves, smaller, more elusive groups are emerging, posing new challenges to law enforcement. According to the research, the rise of Ransomware-as-a-Service (RaaS) platforms further complicated the cybersecurity landscape, emphasizing the need for proactive measures.

Kaspersky's incident response team noted that ransomware incidents accounted for every third cybersecurity incident in 2023. In the research, attacks via contractors and service providers emerged as prominent vectors, facilitating large-scale assaults with alarming efficiency. Overall, ransomware groups demonstrated a sophisticated understanding of network vulnerabilities, utilizing a variety of tools and techniques to achieve their objectives. They used well-known security tools, and exploited public-facing vulnerabilities and native Windows commands to infiltrate their victims, highlighting the need for robust cybersecurity measures to defend against ransomware attacks and domain takeovers.


“As ransomware-as-a-service proliferates and cybercriminals execute increasingly sophisticated assaults, the threat to cybersecurity becomes more acute. Ransomware strikes persist as a formidable menace, infiltrating critical sectors and preying on small businesses indiscriminately. To combat this pervasive threat, it's imperative for individuals and organizations to fortify their defenses with robust cybersecurity measures. Deploying solutions such as Kaspersky Endpoint Security and embracing Managed Detection and Response (MDR) capabilities are pivotal steps in safeguarding against evolving ransomware threats,” commented Dmitry Galov, head of research center, Kaspersky’s GReAT.

Read the full report on the State of ransomware at Securelist.com.

On May 12 – Anti-Ransomware Day – Kaspersky is urging organizations to adhere to these best practices aimed at safeguarding their operations against ransomware attacks:

Always keep software updated on all your devices to prevent attackers from exploiting vulnerabilities and infiltrating your network. 

Focus your defense strategy on detecting lateral movements and data exfiltration to the internet. Pay special attention to outgoing traffic to detect cybercriminals’ connections to your network. Set up offline backups that intruders cannot tamper with. Make sure you can access them quickly when needed or in an emergency. 

Enable ransomware protection for all endpoints. There is a free Kaspersky Anti-Ransomware Tool for Business that shields computers and servers from ransomware and other types of malware, prevents exploits and is compatible with already installed security solutions. 

Install anti-APT and EDR solutions, enabling capabilities for advanced threat discovery and detection, investigation and timely remediation of incidents. Provide your SOC team with access to the latest threat intelligence and regularly upskill them with professional training. All of the above is available within Kaspersky Expert Security framework.

· Provide your SOC team with access to the latest threat intelligence (TI). The Kaspersky Threat Intelligence Portal is a single point of access for Kaspersky’s TI, providing cyberattack data and insights gathered by our team for over 20 years. To help businesses enable effective defenses in these turbulent times, Kaspersky has announced access to independent, continuously updated and globally sourced information on ongoing cyberattacks and threats, at no charge. 


Comments

Popular posts from this blog

ASEAN Centre for Energy (ACE) to Guide Regional Energy Transition through the Launch of the 8th ASEAN Energy Outlook (AEO8)

Photo 1. (left-right), Beni Suryadi, Acting Executive Director of ACE, H.E. Phosay Sayasone, Minister of Energy and Mines, Lao PDR, Dato’ Mohamad Razif bin Haji Abdul Mubin, Deputy Secretary General (Energy) at the Ministry of Energy Transition and Water Transformation (PETRA), Malaysia , Dr Zulfikar Yurnaidi, Head of Energy Modelling and Policy Planning (MPP) at ACE, with AEO8 at the 42nd AMEM and Its Associated Meetings Press Conference Vientiane, 30 September 2024 – The ASEAN Centre for Energy (ACE) is delighted to announce the launch of the 8th edition of The ASEAN Energy Outlook (AEO8) during the 42nd ASEAN Ministers on Energy Meeting (AMEM) and Associated Meetings, held in conjunction with the 24th ASEAN Energy Business Forum (AEBF-24) in Vientiane, Lao PDR. AEO8 is a flagship report, developed by ACE in close collaboration with the ASEAN Member States and partners, that supports the implementation of the ASEAN Plan of Action for Energy Cooperation (APAEC). The report provides a ...

AEON Bank and Malaysia Esport Federation Signed MoU to Nurture E-Sports Talents Among Local Youth

 AEON Bank (M) Berhad and Malaysia Esports Federation (MESF) recently signed a Memorandum of Understanding (MoU), alongside two other strategic partners—Takaful Malaysia (Syarikat Takaful Malaysia Am Berhad) and Retromania. The MoU signing took place at Pavilion Bukit Jalil’s Exhibition Centre, with the signatories being Tsutomu Kamagata, Deputy CEO and Chief Corporate Management Officer of AEON Bank; YBrs. Naim Al-Amin, President of MESF; Hazruddin Hassan, Chief Marketing Officer of Takaful Malaysia; and an official representative from Retromania. The MoU signing ceremony was witnessed by YBrs. Suhaidi Alias, Sports Commissioner Malaysia; Afiq Fadhli Narawi, Vice President of MESF; Aizuddin Danian Izham Cheong, Chief Personal Banking Officer of AEON Bank (M) Berhad; and YBrs. Ahmed Faris Amir, CEO of Esports Integrated (ESI). The MoU signing was preceded by the launch of Piala Esports Malaysia and was followed by the full acceptance and commitment towards strict compliance to the ...

Celebrating Health and Wellness: A Reflection on the Time to Move Program

Samsung Malaysia Electronics, in collaboration with Sunway Medical Centre, Sunway City, came together to celebrate the remarkable achievements of participants in the Time to Move program. This initiative has provided an incredible opportunity for individuals to embark on a wellness journey, creating many inspiring stories. Throughout the course of the program, many participants have made significant strides in their efforts to improve their health. Their stories of perseverance and commitment to bettering themselves are a testament to the power of dedication. Participants not only reached their goals but also learnt valuable lessons on how to become healthier and more mindful of their well-being. In supporting their journeys, Samsung Health is a powerful resource of information for participants to make informed decisions about their health. Features such as Energy Score and Wellness Tips empowered participants to stay on track, making their wellness journeys more manageable and effecti...