DE is most affected by ransomware compared to the EU

3 November 2023
| No comments
DE is most affected by ransomware compared to the EU

Share post

More and more small and medium-sized companies (SMEs) are increasingly the focus of cyber extortionists. The APT groups Lockbit, BlackCat and Clop (or Cl0p) are particularly active with the number of their attacks. Compared to the EU, Germany is particularly badly attacked.  

Trend Micro has released new analysis showing that a majority of recent ransomware attacks can be traced back to three major threat actors: Lockbit, BlackCat and Clop. The report also indicates that the number of new victims has increased by 2022 percent since the second half of 47.

APT groups Lockbit, BlackCat and Clop

The research shows that many ransomware-as-a-service threat actors are no longer targeting “big targets” and are instead focusing on smaller organizations that they believe are less well protected. In the first half of the period examined, most LockBit victims (57 percent) and a significant proportion of BlackCat victims (45 percent) worldwide are companies with fewer than 200 employees. In the case of Clop, half of the attacks (50 percent) occur against large companies, while 27 percent affect small companies.

Based on telemetry data from the Japanese cybersecurity specialist, 2023 ransomware threats were detected and blocked at the email, URL and file level in the first six months of 6.697.853. This number represents a slight decrease of 3,64 percent compared to the second half of 2022, in which a total of 6.950.935 ransomware threats were detected.

Europe's companies in sight

North America is LockBit's preferred region, accounting for approximately 41 percent of the group's total victims. Europe accounts for a good quarter of LockBit victims. Also, approximately 57 percent of BlackCat victims are in North America, followed by Europe and Asia Pacific. The Clop actors show similar geographical preferences.

In 2022, BlackCat caused quite a stir in Europe after the group attacked several significant targets, including German oil suppliers and the Carinthian state government.

Global findings of the report

  • The number of Ransomware-as-a-Service (RaaS) victims increased by 2022 percent from the second half of 2023 to the first half of 47 (from 1.364 to 2.001 companies).
  • The number of new RaaS groups increased by 11,3 percent during this period to a total of 69 in the first half of 2023.
    LockBit, the leading ransomware family since 2022, is responsible for just over a quarter of attacks, while BlackCat and Clop each account for around 10 percent.
  • Finance, retail and logistics were the industries most affected by ransomware in the first half of 2023.

“We have observed a significant increase in the number of ransomware victims since the second half of 2022,” said Richard Werner, Business Consultant at Trend Micro. “Threat actors continue to innovate, target more victims and cause significant financial and reputational damage. Companies of all sizes need to prioritize and optimize their cybersecurity efforts. Our report is designed to help security professionals, policymakers and other stakeholders make better-informed decisions in the fight against ransomware.”

Background to the investigation

The analysis incorporated data from sources such as the leak websites of ransomware-as-a-service (RaaS) and extortion groups, Trend Micro's open source intelligence (OSINT) research, and the Trend Micro Smart Protection Network .

More at TrendMicro.com

 

About Trend Micro

As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.

 

Matching articles on the topic

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

Stories, TrendMicro
, , , , , ,