In Q2 2023, the cyber threat landscape witnessed a concerning surge in ransomware attacks, according to the ransomware report published by GuidePoint Research and Intelligence Team (GRIT). The report revealed shocking statistics, with a significant 38% rise in publicly reported ransomware victims compared to the previous quarter and a staggering 100% increase compared to the same period last year.
Manufacturing and technology sectors remained the hardest hit, accounting for 14% and 11% of impacted industries, respectively, continuing a trend observed since 2022 and Q1 2023. The consulting industry experienced a concerning relative growth of 236% in observed ransomware attacks, followed closely by the insurance industry with a relative growth of 160%.
The report also highlighted a surge in Ransomware-as-a-Service (RaaS) activity during the quarter, attributed to the emergence of 14 new groups, representing a substantial 260% increase in “First Seen” groups compared to Q1. LockBit held a dominant position across all five most impacted industries, except for healthcare, where it faced competition from BianLian and Karakurt.
These statistics underscore the escalating threat of ransomware, affecting individuals, organizations, and governments worldwide. The researchers emphasized that the reduced barriers to entry facilitated by crimeware-as-a-service and RaaS economies are likely to attract more malicious actors in the future, posing challenges for defenders, especially smaller or less-resourced organizations exposed to heightened risks due to the surge in threats.
The ever-changing ransomware landscape involves various elements, including recycled ransomware, crimeware, and a focus on data extortion, among other tactics. The report stresses the critical role of information sharing among the security community and law enforcement in identifying and thwarting the impact of ransomware groups. The efforts to enhance threat intelligence sharing through public and private collaborations are highlighted as a top priority for organizations to combat the persistent and menacing ransomware adversary effectively.
As ransomware attacks continue to evolve and proliferate, it remains crucial for defenders to be well-prepared and well-resourced to effectively deal with historical malware and ransomware, while also investing in measures to stay ahead of the escalating volume of threats in the cyber landscape.
