Cyberattacks have increased over the past few years. Ransomware attacks were analyzed in a recent report by Black Kite. The report looked at 2,708 ransomware victims from April 2022 to March 2023.
The findings reveal a major ransomware resurgence this year, with the number of victims in March nearly double that of last April and 1.6 times higher than the peak month in 2022.
Other report findings include:
- Ransomware attacks resurged in early 2023, with new players such as Royal, BianLian and Play ransomware gangs joining the field and major players like Lockbit and Clop executing mass-ransomware attacks.
- The top targeted industries were manufacturing (19.5%), professional, scientific and technical services (15.3%) and educational services (6.1%).
- The United States was the top targeted country, accounting for 43% of victim organizations, followed by the UK (5.7%) and Germany (4.4%).
- Ransomware groups tend to target companies with annual revenues of approximately $50M to $60M, with third-party vendors often being targeted for client information extortion.
- The top ransomware groups during the analysis period included Lockbit (29%), AlphaVM (BlackCat) (8.6%) and Black Basta (7.2%).
- Common ransomware susceptibility indicators among victims included poor email configuration, recent credential leaks, public remote access ports, out-of-date systems and IP addresses with botnet activity.
- Encryption-less ransomware is on the rise, underscoring the importance of data protection and regulatory compliance in addition to addressing business interruption risks posed by traditional encryption-based attacks.