2023 marked an 80 percent increase in ransomware activity

January 25, 2024 – Published on Beta News

The latest annual report from the GuidePoint Research and Intelligence Team (GRIT) observed 63 distinct ransomware groups using encryption, data exfiltration, data extortion, and other novel tactics to compromise and publicly post 4,519 victims across all 30 of GRIT’s tracked industries, and in 120 countries, across 2023.

Most impacts affected a limited subset of industries. 62 percent of all observed victims belong to one of the top ten most-impacted industries, with manufacturing and technology remaining the two most-impacted.

Manufacturing and technology represent 12.9 percent and 7.9 percent of all victims, respectively. Among manufacturing industry victims, the US was impacted five times as much as the next highest country, Germany (265 vs 48 victims). Manufacturing was the most impacted industry for almost every month in 2023, apart from May, when it placed behind technology by a single observed victim.

“Comparing 2023 to 2022 ransomware activity, we saw an 80 percent YoY increase of victim posting,” says Drew Schmitt, practice lead at GRIT. “While mass exploitation campaigns contributed substantially to this large increase, we saw a significant increase in ransomware activity overall. New entrants in the ransomware ecosystem had repeated opportunities either through reduced technical barriers such as the recycling of leaked ransomware builders and commodity malware, or the recycling of previously leaked data for attempted re-extortion and claims of attacks that never were. For those established groups with resources and technical expertise, exploitation of high-severity and zero-day vulnerabilities provided a reliable means of exploiting victims at scale, a trend we assess as likely to continue into 2024 as a means of overcoming improvements in security.”

Read More HERE.