Ransomware has had a significant impact, particularly in the United States, where almost half of all ransomware campaigns occurred in the past year.
The arts, entertainment, and recreation industry witnessed the most substantial increase in ransomware attacks, with a staggering growth rate of over 430%. Manufacturing remains the most targeted sector, comprising nearly 15% of all ransomware attacks, followed by the services sector at approximately 12%. Furthermore, 25 new ransomware families have been identified utilizing double extortion or encryption-less extortion tactics in the current year.
Zscaler, Inc., a leading provider of cloud security solutions, has unveiled its latest ThreatLabz Ransomware Report for 2023. The report highlights the alarming rise in sophisticated ransomware attacks and sheds light on emerging trends in the ransomware landscape. Notably, public entities and organizations with cyber insurance have become prime targets, while the proliferation of ransomware-as-a-service (RaaS) and encryption-less extortion has added new dimensions to the threat landscape. The report reveals that several terabytes of data have been stolen through successful ransomware attacks since April 2022, which cybercriminals exploit to extort ransoms. Deepen Desai, Global CISO and Head of Security Research at Zscaler, emphasizes the need for organizations to move away from legacy point products and embrace a comprehensive zero trust platform to minimize attack surfaces, prevent compromise, and halt data exfiltration.
The report underscores the evolution of ransomware, where the barrier of entry for new cybercriminal groups has lowered while the sophistication of attacks has increased. Ransomware-as-a-service has played a significant role in this development, enabling threat actors to sell their services on the dark web and sharing 70-80% of the profits. This business model’s popularity is evident from the nearly 40% increase in ransomware attacks over the past year. Encryption-less extortion has emerged as a notable trend, prioritizing data exfiltration over encryption methods and posing challenges in detection and response.
The report also provides insights into the countries most targeted by ransomware attacks. The United States has witnessed the highest number of double-extortion attacks, with 40% of victims located there. Canada, the United Kingdom, and Germany collectively experienced fewer attacks compared to the United States. The manufacturing sector emerged as the most-targeted industry globally, attracting ransomware groups due to valuable intellectual property and critical infrastructure. Zscaler’s research identifies the BlackBasta ransomware family as particularly interested in manufacturing organizations, targeting them over a quarter of the time.
As the threat landscape evolves, organizations must adopt a comprehensive approach to protect against ransomware attacks. The Zscaler Zero Trust Exchange offers a robust zero trust framework integrated with advanced ransomware protection measures. The report provides guidelines to effectively mitigate the risk of falling victim to ransomware, including preventing initial compromise, stopping compromised users and insider threats, minimizing the attack surface, and preventing data loss. By leveraging the capabilities of the Zscaler Zero Trust Exchange and implementing these best practices, organizations can proactively safeguard their data, users, and connectivity from the ever-changing ransomware threat landscape.
To access the complete report, please visit the 2023 ThreatLabz Ransomware Report.