Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
A nearly 25% monthly drop in ransomware attacks is the good kind of news—unless it’s still leaving you with a number of exploits.
That’s what NCC Group, an information assurance firm based in the UK, found in its latest monthly Cyber Threat Intelligence Report report. Ransomware attacks dropped to 352 in April from March’s 459, but April’s number still dwarfs the highest rate in 2022 by more than 50. NCC’s report put the attack level in perspective, noting that “the main contributor to March’s numbers was the prolific exploitation of the GoAnywhere MFT vulnerability” and that patches and fixes drove some of that number down.
“Looking at the first four months of 2023, it is clear that ransomware numbers are trending much higher than in 2022,” the report continued. “Although the results this month have declined, the number of victims is the second highest ever recorded in our database (beginning 2021).”
The threat landscape by the numbers:
- 58% of ransomware attacks in April were carried out by three groups: 107 by Lockbit 3.0, 50 by BlackCat, and 46 by BianLian
- The three most targeted sectors were industrials at 32% and consumer cyclicals and technology, both at 11%
- North America accounted for 50% of attacks, with Europe coming in second at 24% and Asia at 10%; 8% were in undisclosed regions
In a statement announcing the numbers, NCC Group global head of threat intelligence Matt Hull said that “this kind of malicious effort—leaking data to encourage ransom payments, known as a double-extortion ransomware attack—is on the rise.”
“As we see these growing levels of activity, organizations should remain vigilant and adapt their security measures to stay one step ahead, adopting a comprehensive and multi-layered defense strategy that is malleable to a changing threat landscape,” Hull said.
As IT Brew has reported, ransomware attacks have been driving the cybersecurity conversation in recent months. An increased rate of attacks and high value targets are leading experts to call for better security hygiene and stronger defensive practices.