Ransomware attacks increased by 12 percent

August 20, 2024
| No comments
B2B Cyber ​​Security ShortNews
Advertising

Share post

Ransomware attacks are a major and expensive problem for companies. After an attack, it takes on average up to a month for the company to return to normal operations. Lockbit 3.0 is the most active hacker group in the world.

aDvens, one of the leading independent cybersecurity companies in Europe, has published its annual Threat Status Report. The report provides a detailed overview of the most important developments and trends in cyber threats observed by the aDvens team of experts, as well as the relevant protection measures against these threats.

Advertising
Perfect SME cybersecurity
How small and medium-sized enterprises defend against AI-led attacks with tailored security

The most important findings from the report at a glance:

Ransomware worldwide

  • After the number of ransomware attacks worldwide fell in 2022 for the first time in 5 years, aDvens recorded an increase of 2023 percent in 12 compared to the previous year.
  • The hacker group Lockbit 3.0 was by far the most active worldwide in 2023 (1.038 victims), followed by AlphVM (422 victims) and Cl0p (386 victims).
  • On average, it took three to four weeks for a company attacked with ransomware to return to normal operations.

Ransomware in Germany

  • In a global comparison, companies in Germany were the fourth most frequently attacked using ransomware. aDvens recorded 215 cyber attacks.
  • Lockbit 3.0 was also the most active in Germany (39 attacks), followed by BlackBasta (29 attacks) and Cl0p (17 attacks).
  • Companies in the mechanical engineering sector were most frequently attacked (15 victims), followed by the construction industry (10 victims), the automotive industry (9 victims) and the electronics manufacturing industry (9 victims).

Attackers rely on efficiency

  • The average time for a ransomware rollout has dropped massively – from around two months in 2019 to less than four days in 2023.
  • The technically simplest attack methods are still the most commonly used. These include phishing, compromising third-party services, targeted use of existing vulnerabilities and DDoS attacks.
  • Attackers are increasingly acting opportunistically and are specifically focusing on particularly risky security gaps, such as unofficial “shadow IT” within the company, which is less protected.

Attackers use new methods to monetize data

  • Fewer and fewer companies are paying the ransom demanded in ransomware attacks: Instead of encrypting data and then demanding a ransom, attackers are increasingly using spyware to steal data and then sell it (or threaten to sell it) on the darknet.
More at aDvens.com

 

About aDvens

Advertising

Subscribe to our newsletter now

Read the best news from B2B CYBER SECURITY once a month



By clicking on "Register" I agree to the processing and use of my data in accordance with the declaration of consent (please open for details). I can find more information in our Privacy Policy. After registering, you will first receive a confirmation email so that no other person can order something you don't want.
Expand for details on your consent
It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. Detailed information can be found in our Privacy Policy. You can unsubscribe from the newsletter at any time. You will find a corresponding link in the newsletter. After you have unsubscribed, your data will be deleted as soon as possible. Recovery is not possible. If you would like to receive the newsletter again, simply order it again. Do the same if you want to use a different email address for your newsletter. If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.

CleverReach

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior of the newsletter recipients. This can include It is analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on this website) took place after clicking on the link in the newsletter. Further information on data analysis by CleverReach newsletter is available at: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You may object to the storage if your interests outweigh our legitimate interest. For more information, see the privacy policy of CleverReach at: https://www.cleverreach.com/de/datenschutz/.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

aDvens is a leading, independent European cybersecurity company. Since its founding in 2000, the company's name has been its mission statement. aDvens stands for "Together and Ahead". Its mission is to protect public and private organizations from cyber threats - around the clock. aDvens offers Managed Detection & Response Services (SOC-as-a-Service) and selected consulting services in the field of cybersecurity and OT security.

Matching articles on the topic

F5 BIG-IP: BSI warns of highly dangerous vulnerabilities

The BSI has issued a warning about F5 products, as they contain several highly dangerous security vulnerabilities that should be closed. The BIG-IP ➡ Read more

Iran, North Korea, Russia: State hackers rely on ClickFix 

State-sponsored hacker groups are increasingly adopting new social engineering techniques originally developed by commercially motivated cybercriminals. ClickFix, for example, is now increasingly ➡ Read more

TA4557: Venom Spider targets HR departments

TA4557, better known as Venom Spider, is increasingly exploiting phishing and trying to deploy its backdoor malware. The focus of the ➡ Read more

IT resilience: cybersecurity at the storage level

More data security features for greater IT resilience at the storage level: Cyber ​​security managers can pursue a proactive data security approach at the storage level with highly secure NetApp storage and thus ➡ Read more

Oettinger Brewery attacked by ransomware

The APT group Ransomhouse claims to have successfully attacked the German brewery Oettinger with ransomware. On the APT group's leak page ➡ Read more

Healthcare facilities: 90 percent are at high risk

The current report “State of CPS Security: Healthcare Exposures 2025” shows the most dangerous vulnerabilities of medical devices in networks of ➡ Read more

Google Cloud Run: ImageRunner vulnerability discovered

The ImageRunner privilege escalation vulnerability in Google Cloud Run could have allowed attackers to bypass access controls, gain unauthorized access to container images ➡ Read more

North Korean IT workers threaten European companies

The Google Threat Intelligence Group (GTIG) has published its latest findings on the activities of North Korean IT employees in Europe. These IT employees ➡ Read more

Short news
, , , , , ,