August 11, 2023
Ransomware attacks have surged in the 12 months ending in June 2023, with the United States accounting for 43 percent of the 1,900 attacks reported — 7x greater than that of the second most popular target, the United Kingdom, at 196. The period marked a 75 percent increase in U.S. ransomware attacks, which were perpetrated by 48 different groups including CL0P, a gang believed to have ties to Russia. U.S. companies, governmental organizations and individual consumers were targeted during the period, with healthcare and educational institutions disproportionately impacted, according to a study by cybersecurity firm Malwarebytes.
Germany, France and the UK have also experienced increased ransomware activity, but at lower rates than the U.S. “France’s numbers doubled in the past year, with a disproportionate number of attacks levied at governmental institutions,” reports Engadget, adding that “the UK experienced 200 attacks from 32 separate groups.”
Canada was No. 3 in attack frequency, with 159 attacks during the period, and Germany No. 4, with 124 incidents, according to a Malwarebytes blog post that indicates a significant takeaway from the report is “the ascension of the CL0P group — which has effectively harnessed zero-day vulnerabilities to amplify its attacks.”
The CL0P criminal organization “has evolved in the past year, capitalizing on zero-day software vulnerabilities to amp up the scope of its attacks,” Engadget reports, noting that “in June, the group took advantage of one of these vulnerabilities in enterprise file transfer software to breach the servers of hundreds of companies, including the largest U.S. pension fund.”
The free Malwarebytes 2023 State of Ransomware Report says the transition to more sophisticated zero-day vulnerabilities rather than commonplace phishing emails could “signal a change in the game” and account for the increased incidences.
Malwarebytes tracks only reported incidents, and the actual number of attacks may be significantly higher than 1,900. Since the goal of a ransomware attacker is to obtain a ransom, “some organizations make the payout and keep things quiet,” Engadget explains.
Going forward, “ransomware is poised to be a larger threat to business than ever before,” according to Harvard Business Review, which writes that the White House is considering a ban on ransom payments.
“At a time when 80 percent of organizations rely on multiple public clouds, the threat landscape has never been harder to understand or defend against,” HBR reports, stressing that entire organizations — not just CSIOs (chief security information officers) or CIOs — are accountable for cybersecurity.
White House Holds First-Ever Summit on the Ransomware Crisis Plaguing the Nation’s Public Schools, PBS NewsHour, 8/8/23
CISA’s Strategic Plan Adheres to Overall Biden Administration Direction on Cybersecurity, CyberScoop, 8/4/23
White House Launches AI Cyber Challenge to Test How Top AI Models Protect Software, VentureBeat, 8/9/23
New York State Debuts First Cybersecurity Strategy, The Wall Street Journal, 8/9/23