[caption id="attachment_152870" align="alignleft" width="620"]
From July 2022-June 2023, there were approximately 1,900 reported ransomware events in the U.S., Germany, France and the U.K. and more than 2,400 among the 10 most targeted countries, Malwarebytes, Inc. reports[/caption] While 2022 saw a decline in the number of ransomware incidents, for a few reasons, these cyberattacks are coming back in style with the U.S. seeing a 75% increase in ransomware events between the first half and second half of the past 12 months, according to Malwarebytes, Inc. From July 2022-June 2023, there were approximately 1,900 reported ransomware events in the U.S., Germany, France and the U.K., and more than 2,400 among the 10 most targeted countries. The U.S. saw the bulk of these attacks, accounting for 43% of all global ransomware incents during the period, according to Malwarebytes. The U.S. had 1,462 reported ransomware events in the past 12 months, while the U.K., which was the second most targeted region, saw just 196. Additionally, ransomware gangs are becoming more prolific in the volume of attacks in the U.S. From July-December 2022, only two groups managed to pull off 15 or more attacks in a single month. From January-June 2023, at least seven groups pulled off 15 or more attacks per month. Further, five groups were able to record more than 100 attacks during the past 12 months. This includes more than 286 attacks by LockBit, which heavily targeted insurers during 2022's first quarter and has more than 100 affiliates. LockBit is the most dominant form of ransomware-as-a-service in the U.S., averaging about 24 attacks each month. While LockBit continued to be the most active ransomware group, the CL0P gang and its use of zero-day vulnerabilities is of particular note, according to Malwarebytes. Twice during the past 12 months CL0P's rate of attack vastly exceeded that of LockBit. These incidents included the March 2023 GoAnywhere MFT event and the MOVEit breach in late May. Related: Remote work: Make cybersecurity a top priority, say data security pros Further, CL0P's embrace of zero-day vulnerabilities, which exploit a security flaw that has yet to be patched, could signal a shift in hackers' tactics, Malwarebytes reported. CL0P's recent exploits show that ransomware gangs can handle the cost and complexity of zero-day attacks, which could trigger other groups to latch on to the tactic similar to the double extortion trend that emerged in 2019 after it proved successful. The slideshow below details the 10 countries that saw the most reported ransomware attacks during the past 12 months, according to Malwarebytes data.
From July 2022-June 2023, there were approximately 1,900 reported ransomware events in the U.S., Germany, France and the U.K. and more than 2,400 among the 10 most targeted countries, Malwarebytes, Inc. reports[/caption] While 2022 saw a decline in the number of ransomware incidents, for a few reasons, these cyberattacks are coming back in style with the U.S. seeing a 75% increase in ransomware events between the first half and second half of the past 12 months, according to Malwarebytes, Inc. From July 2022-June 2023, there were approximately 1,900 reported ransomware events in the U.S., Germany, France and the U.K., and more than 2,400 among the 10 most targeted countries. The U.S. saw the bulk of these attacks, accounting for 43% of all global ransomware incents during the period, according to Malwarebytes. The U.S. had 1,462 reported ransomware events in the past 12 months, while the U.K., which was the second most targeted region, saw just 196. Additionally, ransomware gangs are becoming more prolific in the volume of attacks in the U.S. From July-December 2022, only two groups managed to pull off 15 or more attacks in a single month. From January-June 2023, at least seven groups pulled off 15 or more attacks per month. Further, five groups were able to record more than 100 attacks during the past 12 months. This includes more than 286 attacks by LockBit, which heavily targeted insurers during 2022's first quarter and has more than 100 affiliates. LockBit is the most dominant form of ransomware-as-a-service in the U.S., averaging about 24 attacks each month. While LockBit continued to be the most active ransomware group, the CL0P gang and its use of zero-day vulnerabilities is of particular note, according to Malwarebytes. Twice during the past 12 months CL0P's rate of attack vastly exceeded that of LockBit. These incidents included the March 2023 GoAnywhere MFT event and the MOVEit breach in late May. Related: Remote work: Make cybersecurity a top priority, say data security pros Further, CL0P's embrace of zero-day vulnerabilities, which exploit a security flaw that has yet to be patched, could signal a shift in hackers' tactics, Malwarebytes reported. CL0P's recent exploits show that ransomware gangs can handle the cost and complexity of zero-day attacks, which could trigger other groups to latch on to the tactic similar to the double extortion trend that emerged in 2019 after it proved successful. The slideshow below details the 10 countries that saw the most reported ransomware attacks during the past 12 months, according to Malwarebytes data. NOT FOR REPRINT
© Touchpoint Markets, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more inforrmation visit Asset & Logo Licensing.
Steve Hallo
Steve Hallo is managing editor of PropertyCasualty360.com. He can be reached at [email protected]
