GuidePoint Research and Intelligence Team's (GRIT) Annual Ransomware Report Highlights an 80% YoY Increase in Activity and Significant Escalations in Coercive Tactics
GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the release of GuidePoint Research and Intelligence Team's (GRIT) 2023 Annual Ransomware Report. This report is based on data obtained from publicly available resources, including threat groups themselves, and insight into the ransomware threat landscape. GRIT observed a victim volume nearly doubling year-over-year, driven in part by multiple mass exploitation campaigns impacting hundreds of organizations. In total, GRIT observed 63 distinct ransomware groups leverage encryption, data exfiltration, data extortion, and other novel tactics to compromise and publicly post 4,519 victims across all 30 of GRIT's tracked industries, and in 120 countries.
"Comparing 2023 to 2022 ransomware activity, we saw an 80% YoY increase of victim posting," said Drew Schmitt, Practice Lead, GRIT. "While mass exploitation campaigns contributed substantially to this large increase, we saw a significant increase in ransomware activity overall. New entrants in the ransomware ecosystem had repeated opportunities either through reduced technical barriers such as the recycling of leaked ransomware builders and commodity malware, or the recycling of previously leaked data for attempted re-extortion and claims of attacks that never were. For those established groups with resources and technical expertise, exploitation of high-severity and zero-day vulnerabilities provided a reliable means of exploiting victims at scale, a trend we assess as likely to continue into 2024 as a means of overcoming improvements in security."
GRIT's Annual Ransomware Report also examines major ransomware events throughout the year including Clop's MOVEit campaign, Scattered Spider's attacks on major casinos, LockBit's new Affiliate Rules regarding ransom negotiations, SEC's new guidance for incident notifications, law enforcement's disruption of Alphv operations, and published decryptors impacting ransomware operations for BianLian and Akira.
Key Highlights of the Report:
From an industry perspective, GRIT observed most impacts affecting a limited subset of industries. 62% of all observed victims belong to one of the "top ten" most-impacted industries, with Manufacturing and Technology remaining the two most-impacted industries; Manufacturing and Technology represented 12.9% and 7.9% of all victims, respectively. Among Manufacturing industry victims, the US was impacted five times as much as the next highest country, Germany (265 vs 48 victims). Manufacturing was the most impacted industry for almost every month in 2023, excluding May, when it placed behind Technology by a single observed victim.
The United States was by far the most impacted country in 2023. Among posted victims, 2,199 were US-based organizations, accounting for 49% of all observed ransomware attacks in 2023. Eight out of the ten most impacted countries were within North America and Europe, with Brazil and Australia as the sole outliers. The same "top ten" most impacted countries were home to 76% of all observed victim organizations, of which 27% impacted non-US countries.
In line with GRIT's taxonomy for classifying ransomware groups, long-term Established groups accounted for the overwhelming majority of observed victims (85%), followed by Developing groups (10%). The top three most prolific Established groups?LockBit, Alphv, and Clop?continue to account for not just the lion's share of victims but also much of the innovation and tactical changes across the ransomware ecosystem. Ephemeral and Emerging groups, as the newest and shortest-term entrants, lagged behind their maturing counterparts but still posed a significant threat to worldwide organizations, exacerbated by less "reliable" actors and frequently recycled malware.
"Last year, ransomware continued to increase in terms of impact, sophistication, and the number of participating actors, indicating that the ransomware ecosystem has not yet reached a point of market saturation," said Schmitt. "We expect ransomware impacts to continue an upward trajectory into 2024 and beyond until ransomware groups' financial interests conflict with one another or until law enforcement and regulatory pressures reduce the perceived attractiveness of the space and the risk calculus of its participants."
For more information on GRIT's 2023 Annual Ransomware Report:
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint's unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.
Caliway Biopharmaceuticals (Caliway) is pleased to announce its participation to share the latest clinical advancements at the upcoming 2024 BIO International Convention on Wednesday, June 5th, at 11:45 a.m. PDT. The presentation will take place in...
This is a report from China.org.cn:
A report on Africa's digital economic development index and China-Africa cooperation on the digital economy was released in Nairobi, Kenya, on Friday.
Jointly published by the China-Africa Economic & Trade...
Venom's BlackBook Zero 14 honored with HPL best business laptop award
"Our current customers are our future suppliers"Venom, manufacturer of performance orientated laptop computers has been recognised by HPL (High performance Laptops) for the Best...
President Xi Jinping left Budapest on Friday, wrapping up his fruitful three-nation Europe visit, which both Chinese and European analysts believe injects momentum into China-Europe relations as well as future multipolarity and global stability.
At...
Overture.law, the nation's leading attorney-to-attorney referral platform, launches their transformative new product, Inner Circles. This groundbreaking product empowers attorneys, law schools, bar associations, and affinity groups to build private...
BASIS Charter Schools proudly announce that two of its exceptional students have been named 2024 U.S. Presidential Scholars by the U.S. Department of Education. Matteo N. Huish from BASIS Mesa and Sruti Peddi from BASIS Scottsdale have been...