2023 was a giant yr for ransomware teams, whilst legislation enforcement around the globe continued to crack down on attackers.
Palo Alto Networks’ Unit 42, the risk intelligence agency, discovered a 49 p.c bump in victims reported by ransomware leak websites, totaling practically 4,000 posts to these websites from totally different ransomware teams. Unit 42 mentioned the uptick was because of the huge affect of assaults that exploited zero-day vulnerabilities, that are safety flaws that builders have but to determine. They pointed to the MOVEit Transfer software hack that the US government has connected to the CL0P Ransomware Gang, as one instance. The Cybersecurity and Infrastructure Safety Company estimated that hack compromised greater than 3,000 US-based organizations and eight,000 globally.
Practically half of ransomware victims recognized by Unit 42 have been within the US, with probably the most impacted industries being manufacturing, skilled and authorized companies, and excessive tech.
Unit 42 recognized 25 new leak websites final yr that supplied ransomware as a service. However it mentioned a minimum of 5 appear to have shut down, since they’d no new posts within the second half of the yr. The roughly two dozen new websites accounted for 25 p.c of whole ransomware posts in 2023, Unit 42 mentioned.
Nonetheless, the prominence of some ransomware teams additionally attracted legislation enforcement consideration that was profitable in a number of {cases}, Unit 42 mentioned. The group praised legislation enforcement’s position in disrupting teams like Hive and Ragnar Locker in 2023. Hive extorted $100 million in ransom funds, according to the US Justice Department, and brought on main disruptions together with to a hospital that needed to go analog within the wake of its assault and couldn’t settle for new sufferers. Ragnar Locker attacked vital infrastructure together with a Portuguese nationwide service and an Israeli hospital, according to European law enforcement.
The report tracks with findings from Chainalysis, a blockchain information firm that just lately put out its own report on crypto crime trends. Whereas the agency discovered a drop within the whole worth of unlawful crypto exercise general in 2023 based mostly on preliminary findings, ransomware income elevated. Chainalysis prompt “ransomware attackers have adjusted to organizations’ cybersecurity enhancements.”