JUMPSEC research reveals ransomware attacks rising again

Ransomware attacks rose by 37% in the first half of 2023, with a JUMPSEC report showing exploitation of the financial services, insurance and IT sectors

The UK is the most targeted country outside the US, with 20% of European ransomware attacks occur there, according to research released by cyber security services company JUMPSEC.

In its latest report, JUMPSEC reveals that attacker-reported ransomware attacks increased by 87% in the UK and 37% globally in the first half of 2023, following reports of ransomware growth slowing at the end of 2022. Victims refusing to pay, higher security spending, or threat actors focusing on Russia-Ukraine were all theories for the slowdown. 

JUMPSEC now expects 2023 to be the most prolific year for ransomware, surpassing the previous highs of 2021.  JUMPSEC identified 436 attacks worldwide in July 2023, 20% higher than the previous all-time high caused by Log4j in 2021. 

The mass exploitation of software vulnerabilities is perhaps the most clear-cut contributing factor to the rise of ransomware attacks in 2023. Several vulnerabilities discovered in widely used platforms have contributed to rising attack figures (Rackspace, Zimbra and most notably the MOVEit). 

Analysis shows that Lockbit is still the most prevalent ransomware variant in 2023, however, Cl0p ransomware, who claim the MOVEit breach, have increased their impact significantly and could be on course to challenge Lockbit as the most prevalent ransomware. 

Report shows increased exploitation of the financial services, insurance and IT sectors

Another 2023 trend reported by JUMPSEC is the increased exploitation of the financial services, insurance and IT sectors, both globally and within the UK. With organisations increasingly opting only to exfiltrate data as leverage for extortion these sectors are becoming increasingly lucrative targets. Large UK based companies such as Aon, Deloitte and PWC were all targeted in the MOVEit attack and are representative of the types of organisations that have experienced higher attack rates. 

Another explanation for rising attack figures is simply the proliferation of more ransomware variants as JUMPSEC have monitored 20% more ransomware groups in 2023 than in 2022. 

According to the analysis, successful groups continue to prioritise big game hunting. In 2023, BlackCat (ALPHV) and CL0P are the most common ransomware groups targeting UK organisations with £10 million in bank assets, replacing Karakurt as the most common ransomware against large organisations. 

UK is the most targeted country outside the US and 20% of European ransomware attacks occur there. While Russian-aligned hacktivist organisations threaten DDoS assaults against the UK, theoretically making UK businesses more susceptible, such attention-grabbing hacktivism is unlikely to have a significant impact.

“We have observed a trend towards the increased personalisation of attacks, which could indicate victims have become less inclined to pay ransoms, causing attackers to exert greater pressure,” said JUMPSEC’s Researcher Sean Moran. “Unfortunately, recent reports of rising cryptocurrency profits by known ransomware threat actors suggests that attacker negotiation tactics have been effective. Organisations need to continually to refine their response to cyber extortion as attackers develop new strategies around mass exploitation of software vulnerabilities, data exfiltration, whilst becoming increasingly personal by targeting individuals and senior leadership within victim organisations.”

******

For more insights into the world of Cyber - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - Technology Magazine | AI Magazine.

Please also check out our upcoming event - Cloud and 5G LIVE on October 11 and 12 2023.

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.

BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.

Share

Featured Articles

Why CISOs Remain Crucial in the Age of Rampant Ransomware

As ransomware attacks escalate, the CISO has emerged as an indispensable guardian for the cybersecurity of companies

Q&A: Protiviti's Sameer Ansari on CISOs' Growing Challenges

Managing Director - Global Cybersecurity and Privacy Lead at Protiviti, Sameer Ansari discusses his views on the growing challenges CISOs now face

How Partnerships Proved Pivotal for UnitedHealth After Hack

When hackers hit UnitedHealth subsidiary Change Healthcare with a huge cyber attack, its partnership with Vyne Dental proved pivotal in managing fallout.

Transforming Cybersecurity: IBM & Palo Alto's AI Integration

Technology & AI

C-suite Indifference to Cyber Could Cost Business £145k

Operational Security

Why Avast Warn of Social Engineering in Cybersecurity

Operational Security