GuidePoint reports alarming rise in ransomware, mostly impacting manufacturing and technology industries

January 26, 2024 – Published on Industrial Cyber

GuidePoint Security disclosed that 2023 observed most impacts affecting a limited subset of industries. 62 percent of all observed victims belong to one of the ‘top ten’ most-impacted industries, with manufacturing and technology remaining the two most-impacted industries, representing 12.9 percent and 7.9 percent of all victims, respectively. Ransomware victim posting increased by a staggering 80.1 percent year-on-year (YoY) increase in ransomware activity, driven in part by multiple mass exploitation campaigns impacting hundreds of organizations. 

In its 2023 Annual Ransomware Report, the GuidePoint Research and Intelligence Team (GRIT) reported that ransomware continued to increase in 2023 in terms of impact, sophistication, and the number of participating actors, indicating that the ransomware ecosystem has not yet reached a point of market saturation. GRIT expects ransomware impacts to continue on an upward trajectory in 2024 based on Established groups continuing to leverage high-severity and zero-day vulnerabilities as a reliable means of exploiting victims at scale.

GuidePoint data also identified that the research observed 63 distinct ransomware groups leverage encryption, data exfiltration, data extortion, and other novel tactics to compromise and publicly post 4,519 victims across all 30 of GRIT’s tracked industries, and in 120 countries.

Manufacturing was the most impacted industry for almost every month last year, excluding May, when it was placed behind technology by a single observed victim. From an industry perspective, the GRIT team observed most impacts affecting a limited subset of industries with roughly two-thirds of all observed victims belonging to one of the ‘top ten’ most-impacted industries. 

Read More HERE.