According to Guidepoint Security, the number of ransomware victims appearing on data breach sites rose 27% year-on-year (year-over-year) in April to 354, with the manufacturing industry the hardest hit.
The last monthly security provider GRIT ransomware report was released on Thursday, ahead of Interpol’s “Anti-Ransomware Day” awareness initiative today.
More on Anti-Ransomware Day: Interpol declares “Anti-Ransomware Day”.
The Guidepoint report is compiled from analysis of 24 ransomware leak sites, so the actual number of victims could be many times higher, given that many victims choose to pay and therefore not will appear in these places.
However, in the sites analyzed, a fifth (19%) of the victims were manufacturing companies. Manufacturers are often targeted by extortionists, given their low tolerance for production disruptions.
Although casualty volumes decreased by 22% between March and April this year, they increased by 46% in the manufacturing sector.
LockBit was again the most prolific group, accounting for 31% of victims on leak sites in April, followed by Alphv (14%). In general, however, the ransomware industry is increasingly characterized by a large number of smaller groups.
“We observed a diverse list of active threat groups in April 2023, with 27 unique groups. This level of diversity, the highest GRIT has observed since November 2021, reflects the continued threat and viability from smaller ransomware groups, including newly established ‘Splinter’ or ‘Ephemeral’ groups consisting of experienced ransomware operators,” Guidepoint Security explained.
Splinter refers to less experienced groups active for only 2-5 months, which have often split off from larger entities. They are identified by different public posting rates and TTPs, often borrowed from other groups.
The ephemeral groups have been active for less than two months with varying but low casualty rates and are “not progressing into more developed and mature group types.”
Guidepoint also noted increasingly aggressive tactics by ransomware groups aimed at forcing payment from victims. This included DDoS threats, the release of sensitive internal chats and the hijacking of a university alert system to direct staff and students to pressure administrators to pay up.
In this digital age, the threat of being a victim of a cyber attack is ever-present, and it’s something that businesses of all sizes are having to think about as ransomware infection numbers continue to climb. A recent report shows a 27% spike in ransomware incidents in the past 12 months, indicating a sharp rise in malicious activity. Manufacturers in particular have been targeted in these attacks, and companies within the sector are being urged to take additional steps to bolster their security measures.
Ikaroa, a full stack tech company and cyber security specialist, can provide advice to business owners on how to proactively protect against ransomware attacks and other forms of cybercrime. Their comprehensive strategies focus on identifying weak points in a network or system and applying the right security protocols to fix them.
The security measures that Ikaroa can provide range from antivirus software to firewalls to real-time threat detection. These measures can reduce the risk of a ransomware attack from a malicious campaign. They can also protect against other forms of malicious software, including credential-stealing malicious code and data-stealing malware.
Manufacturers must also keep their IT staff informed about the latest ransomware threats, be aware of their third-party suppliers and have a strong policy in place for backing up and storing data securely. Regularly updating software and patching for any vulnerabilities is essential when it comes to keeping systems secure, and companies should have a stringent process for responding to any incident.
Businesses need to be more vigilant than ever when it comes to cyber security, and it’s vital for manufacturers to ensure they are taking the right steps to protect themselves. With the help of a company like Ikaroa, they can be better prepared to fend off the threat of a ransomware attack.