Advertising
Ransomware attacks are a major and expensive problem for companies. Attacks have increased significantly in the last year, according to a study by a market leader in dynamic cybersecurity, which identified many new ransomware variants.
Mandiant observed a significant increase in ransomware activity in 2023, with a 75% increase in reports of data leaks on websites. Specifically, over 50 new ransomware families and variants were identified, with a third of these being variants of known families. Attackers are increasingly using legitimate tools such as ScreenConnect, Splashtop, Atera and Anydesk to penetrate victims' systems, turning away from Cobalt Strike BEACON.
Advertising
The most important results of the ransomware study:
- Nearly a third of ransomware attacks occurred within 48 hours of initial access, with 76% occurring outside of working hours.
- Ransomware attacks affected companies in more than 110 countries and were facilitated by ransomware-as-a-service (RaaS) models.
- The five most common ransomware families in 2023 were ALPHV (17 percent), LOCKBIT (17 percent), BASTA (8 percent), REDBIKE (6 percent) and PHOBOS (5 percent).
- Some threat actors have tried new and unique methods to pressure victims and/or obtain payments, such as “swatting,” making direct calls to victims, and even filing complaints with government regulators.
- Attackers prefer some cryptocurrencies like Monero over others when blackmailing their victims
About Mandiant Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response. With decades of experience on the cyber frontline, Mandiant helps organizations confidently and proactively defend against cyber threats and respond to attacks. Mandiant is now part of Google Cloud.
Matching articles on the topic