Ransomware incidents surged by 73% year-over-year, reaching 6,670 attacks, with significant spikes in June and July driven by the exploitation of a widely used file transfer tool.
Compiled by the Ransomware Task Force, which was formed in 2021 by the non-profit Institute for Security and Technology, the report reflects input from a coalition of cybersecurity experts, government agencies, and private sector partners.
For its 2023 report, the organization drew extensively on data from eCrime.ch, which aggregates posts from data leak sites, providing a key foundation for its findings.
In 2023, the task force reported ransomware incidents across 117 countries, attributed to 66 groups. This marked an increase from 2022, when 105 countries were targeted by 58 ransomware gangs.
The 2023 data revealed rising ransomware activity in South Asia and South America, regions undergoing rapid digitization. Notable spikes were seen in Iran, Pakistan, Brazil, and India, with Brazil’s presidential office targeted and India experiencing attacks on its hospitals and financial systems.
Despite being taken down by law enforcement this year, LockBit and AlphV led global ransomware attacks, particularly focusing on the construction sector, healthcare, and IT industries in various regions.
The Ransomware Task Force noted with regret that evidence indicates a troubling trend: the "scale, frequency, and complexity of incidents are escalating as cybercriminals continue to refine the ransomware-as-a-service (RaaS) model."
“The fundamental criminal effectiveness of the RaaS model has not changed, and these crimes continue to grow more profitable over time. Additional efforts must be taken in 2024 and beyond to disrupt this model,” the group said.
According to the report, half of the recommendations put forth by the task force in its 2021 ransomware report remain unaddressed. Although there have been advancements in incident reporting systems and international cooperation, efforts to curb the ongoing flow of ransom payments have been minimal. Law enforcement agencies advise ransomware victims to refrain from making payments whenever possible.
The Ransomware Task Force stated in April that while certain recommendations may require legislative changes, existing efforts to enhance organizational preparedness for attacks and provide financial assistance to those impacted are still lacking.
“Governments have not taken all necessary further actions to combat ransomware,” the report said.
(The Images used in this Blog Post has been taken from Therecord.media)
