Skip to main content
2024 Annual Public Policy Forum, December 4, 2024 REGISTER

A new report analyzing ransomware attacks over a one-year period finds there was a surge in the first quarter of 2023, with the number of hacking attacks that prevented businesses from accessing their computer data 1.6 times higher in March than the peak month in 2022.

The report, “Ransomware Threat Landscape 2023: Ransomware Resurgence” by the cybersecurity rating service Black Kite, found that the most targeted industries were manufacturing (19.5%), professional, scientific and technical services (15.3%) and educational services (6.1%).

Ransomware groups tend to target companies with annual revenues of $50 million to $60 million, with third-party vendors often being targeted for client information extortion. The country with the most ransomware attacks was the United States, which accounted for 43% of all organizations targeted by ransomware.

Common ransomware susceptibility indicators among victims included poor email configuration, recent credential leaks, public remote access ports, out-of-date systems, and IP addresses with botnet activity, the report said.

“While there were some signs of ransomware decreasing last year due to increased pressure from law enforcement and several ransomware groups shutting down, the last few months serve as a stark reminder that we are far from being in the clear,” said Bob Maley, CSO at Black Kite.

“As more ransomware groups exploit vulnerabilities in third-party vendors, businesses will be blindsided unless they continuously monitor their extended ecosystem for susceptibility indicators and the earliest warning signs of risk,” Maley said.

Other key findings of the report include:

  • Encryption-less ransomware, which often extorts the targeted organizations through public leaks, is also on the rise.
  • The top ransomware groups during the analysis period included Lockbit (29%), AlphaVM (BlackCat) (8.6%), and Black Basta (7.2%).
  • New ransomware players including Royal, BianLian, and the Play ransomware gang, which have joined the field in 2023 to execute mass ransomware attacks.
  • The number of ransomware attacks in March 2023 was nearly double the number of attacks of April 2022.