Ransomware Attacks Rose 128 Percent In 2023, Report Finds

The dire cyber threat landscape facing businesses and organisations has been revealed in a new report, which revealed a record rise in ransomware attacks last year.

In the Cybernews researchers report, it found a big rise in ransomware victims, after ransomware gangs claimed they successfully targeted 4,191 victims in 2023.

The ransomware risk was underlined last month, when the Joint Committee on the National Security Strategy (JCNSS) warned that the UK Government’s failures to address the growing threat of ransomware, poses a “high risk” of a catastrophic attack at any moment.

Number of attacks

That report warned that “the majority of ransomware attacks against the UK are from Russian-speaking perpetrators, and the Russian Government’s tacit (or even explicit) approval of this activity is consistent with the Kremlin’s disruptive, zero-sum-game approach to the West.”

Meanwhile the Cybernews report cited the Ransomlooker tool, which showed that the number of ransomware attack victims increased by 128.17 percent compared to the previous year (2022), with 1,837 additional incidents.

A free Cybernews tool for monitoring the dark web also found more ransomware attacks occurred in spring and summer, with 1,253 and 1,275 victims, compared to winter and autumn, which had 611 and 1,052 incidents, respectively.

Indeed, the research found that winter was the least active time (14.6 percent of attacks in 2023), while summer was the most active for ransomware attacks (30.4 percent).

Additionally, the Ransomlooker tool findings revealed that there were an average of 36 successful ransomware attacks per day in 2023, or more than one successful ransomware attack claim against a company per hour.

Targetted countries

So which countries are bearing the brunt of ransomware attacks over the past four years? Well the most targeted country in the world is the United States.

This is followed by the United Kingdom, Canada, Germany, and France.

The findings show that the US consistently takes the first position, significantly surpassing other countries, with a victim count sometimes nearly ten times greater than the second-ranked country.

Other economically and technologically advanced countries consistently maintaining a presence in the top ten include Italy, Australia, and Spain.

But there are some surprising inclusions of countries in the top 12 list of countries being attacked, with India and Brazil making an appearance, despite their less developed economies, which hampers their ability to invest in appropriate cyber defences.

Most active hackers

The Cybernews research found that the most active ransomware gang in 2023 was LockBit, with 66 active ransomware groups identified and operating within the digital landscape in 2023.

The top 10 groups, based on the number of victims, collectively account for 59 percent of the total victims in 2023.

But it is clear that LockBit remained the most active group through 2023. They claimed responsibility for most victims, with 1,009 incidents constituting nearly a quarter of all ransomware victims in 2023.

This group primarily focused its attacks on the construction, manufacturing/industrial, and retail industries.

And the data from Ransomlooker revealed that the top 10 industries targeted by ransomware groups in 2023 were IT services and IT consulting, construction, manufacturing and industrial, retail, hospitals and health care, insurance, law practice, real estate, software development, and machinery manufacturing.

In the IT service and consulting sector, Stanford University, Volt, and CoinBase were reportedly identified by the Ransomlooker tool as the top companies targeted by ransomware gangs based on their annual revenue in 2023.

Last week research from Palo Alto Networks and IDC Research found that the majority of businesses are still not confident in ability to overcome cyber attacks, with many citing a lack of cyber skills that hamper their defensive efforts.