Ransomware attacks continue to be one of the biggest contemporary cybersecurity threats, affecting organizations and individuals alike on a global scale. From high-profile breaches in healthcare and industrial sectors – compromising huge volumes of sensitive data or halting production entirely – to attacks on small businesses that have become relatively easy targets, ransomware actors are expanding their sphere of influence. As we approach International Anti-Ransomware Day, we have analyzed the major ransomware events and trends. In this report, we share our observations, research, and statistics to shed light on the evolving ransomware threat landscape and its implications for cybersecurity.
Ransomware landscape: rise in targeted groups and attacks
Kaspersky collected data on targeted ransomware groups and their attacks from multiple relevant public sources, for the years 2022 and 2023, filtered and validated it. The research reveals a 30% global increase in the number of targeted ransomware groups compared to 2022, with the number of known victims of their attacks rising by a staggering 71%.
Unlike random attacks, these targeted groups focus on governments, high-profile organizations, or specific individuals within an organization. Moreover, most of them distribute their malware under the Ransomware-as-a-Service (RaaS) model, which involves a number of smaller groups (called affiliates) getting access to the ransomware for a subscription fee or a portion of the ransom. In the graph below, you can see the ransomware families that were most active in 2023.
Most active ransomware families by number of victims, 2023
The ransomware most frequently encountered in organizations’ systems in 2023 was Lockbit 3.0. The reason for its remarkable activity may be its builder leak in 2022. That led to ..
Support the originator by clicking the read the rest link below.
