Malwarebytes, a renowned cybersecurity company, has released its annual State of Ransomware report for 2023. The report uncovers some astonishing details about the escalating rate of ransomware attacks, with the United States emerging as the most targeted victim. The report is based on data collected between July 2022 and June 2023 and is available for review on Malwarebytes' official website.
According to the report, there has been a surge in ransomware incidents, with the US bearing the brunt of these attacks. Out of the 2,483 attacks launched by 48 ransomware gangs against the top 10 most targeted countries, the US alone has experienced nearly 60% of these attacks. This equates to 1,462 attacks over the past year, indicating a significant surge in cyber threats against the country.
The report further reveals that the average number of monthly attacks in the US escalated by 75% between the first and second half of the last 12 months. This indicates a severe security concern for the nation and calls for robust protective measures. A visual chart accompanying the report further emphasizes how much more the US is targeted than other top-attacked countries.
Historically, the LockBit ransomware gang has been reputed as the leading group behind such attacks. However, in an interesting turn of events, the report discloses that the CL0P gang outperformed LockBit in launching attacks during two of the last 12 months. The driving force behind this sudden shift is their unique strategy of utilizing separate zero-days in GoAnywhere MFT and MOVEit Transfer to gain the upper hand. This advantage allowed CL0P to launch an unprecedented number of attacks in a relatively short period and on a massive scale.
This trend of using zero-day vulnerabilities by ransomware groups like CL0P could potentially bring about a significant shift in ransomware strategies. This mirrored a similar situation in 2019 when the "double extortion" tactic was adopted. Malwarebytes warns that if other ransomware gangs begin to replicate CL0P's approach, it could result in a substantial increase in the number of victims. The report serves as a stark reminder of the constant evolution of cyber threats and the need for adaptive, proactive cybersecurity measures.