According to Kaspersky’s latest report, attackers are using more sophisticated ransomware attack methods and incorporating key attributes of defunct criminal groups to target individuals.
The changes underscore evolving concerns in the cybersecurity landscape.
the report, New ransomware trends in 2023was released today ahead of Anti-Ransomware Day 2023 on Friday.
According to the report, the top five ransomware groups that have the most impact and produce the most attacks have undergone significant changes over the past year.
During the first half of 2022, REvil and Conti ranked second and third respectively in terms of attacks. However, in the first quarter of 2023, these groups were replaced by Vice Society and BlackCat. The remaining ransomware groups in the top five for the first quarter of 2023 are Clop and Royal.
Read more about Vice Society threat actors: Vice Society claims ransomware attack against University of Duisburg-Essen
Kaspersky added that based on its review of last year’s ransomware trends, all of these groups persisted. Researchers have noted some significant cross-platform ransomware variations, such as Luna and Black Basta.
Looking ahead to 2023, Kaspersky experts highlighted three key ransomware trends. First, ransomware groups are incorporating self-propagating or impersonation functionality into their malware, as seen with examples such as Black Basta, LockBit, and Play.
Second, cybercriminals are exploiting vulnerabilities in antivirus drivers, even targeting industries like gaming.
Finally, large ransomware gangs are adopting capabilities from leaked or purchased code, bolstering their offensive capabilities.
“Ransomware gangs continually surprise us and never stop developing their techniques and procedures,” said Dmitry Galov, senior security researcher in Kaspersky’s global research and analysis team.
Additionally, over the past 18 months, the executive said, the company has observed that ransomware gangs are transitioning their operations into full-fledged businesses.
“This fact makes even amateur attackers quite dangerous. Therefore, to ensure the security of your business and personal data, it is very important to keep your cybersecurity services up to date,” concluded Gavlov.
More information on ransomware trends in 2023 is available in this analysis by Recorded Future CISO, Jason Steer.
Kaspersky Lab recently reported that ransomware attacks have undergone a tremendous change in 2020. DDoS (distributed denial of service) attacks have become the most common type of ransomware that hackers use to gain access to a person or organization’s data and infrastructure. This is a problem that can cause major disruption and financial loss and it’s no surprise that it has become such a popular tactic globally.
Ikaroa, a leading full stack tech company, recommends organizations to be vigilant and update cybersecurity practices regularly. Aside from regular hardware and software patching, organizations should ensure that their backup systems are secure and updated. This will ensure data continuity even if a ransomware attack were to successfully occur. Having any backup files encrypted, and on an external storage system, rather than directly on the machine, is highly recommended to avoid these situations.
Businesses should analyze their current security structure to understand any weak points a hacker may use to gain access. This can include email and networks, where possible weak spots in a system can exist, or particular employees with permissions to highly important data. Investing in multiple layers of security, such as two-factor authentication and taking the time to create complex passwords and key phrases, can go a long way in protecting against cyber-attacks.
With ransomware threats becoming more organized and sophisticated, it’s clear that hackers are investing more resources into this lucrative form of malicious attack. For this reason, organizations should stay on top of their cybersecurity and continuously evaluate and update their practices. The services that Ikaroa offers – including performance management, security solutions and risk assessment – can help identify any risk factors or points of failure in the organization’s security setup. In doing this, businesses are putting themselves in a better position to prevent and handle ransomware attacks.