While examining the state of ransomware in 2023, the statistics show promise — at least on the surface. According to the IBM X-Force Threat Intelligence Index 2023, “Ransomware’s share of incidents declined from 21% in 2021 to 17% in 2022.”
Also promising: ransomware groups had a shaky 2022. The Trickbot group, for example, faced significant challenges — including internal leaks and increased government attention, resulting in the shutdown of their Conti ransomware operation and the retirement of two prominent malware families. LockBit ransomware then emerged as the leading variant in the market, accounting for 17% of all observed cases last year.
While these declines are minimal, it’s a step in the right direction.
But how do we know if fewer people are reporting ransomware attacks? It’s understandable to question whether the decline in incidents may be due to a reduction in reporting.
Is There Cause for Optimism?
Brett Callow, renowned ransomware expert and threat analyst for Emsisoft, agrees that recent threat group disruptions may decrease the number of incidents. “Unfortunately,” he said, “that dip will only be temporary as the individuals involved with the operations start new ones or partner with other operations. However, the disruptions do have significant value in terms of swinging the needle of the risk-reward ratio more towards ‘risk’ and ‘intel gathering.’”
Callow equates countering ransomware to a game of whack-a-mole. But with more intel, he said, law enforcement can whack the moles faster.
Alex Dow, chief innovation officer for Mirai Security, attributes the decrease in ransomware statistics to several factors — including the war in Ukraine and improved EDR solutions. Dow, who has over 20 years of Security Ope ..
Support the originator by clicking the read the rest link below.
