Warning of summer surge in ransomware attacks
Ransomware attacks in June spiked by a whopping 221% year-on-year, according to the latest report from NCC Group.
The summer surge in ransomware follows separate warnings from earlier this year that ransomware attacks were once again on the rise.
Recommended: Read our guide to “What is ransomware?”.
NCC Group’s Monthly Threat Pulse reports that there were 434 ransomware attacks in June, up from 135 attacks in June 2022. It points the finger at the Russian-speaking Clop group for more than a fifth of those attacks.
Clop has been actively exploiting a SQL injection vulnerability in the MOVEit file transfer software, which was patched earlier this month. Clop has reportedly used the exploit to attack more than 200 organisations in recent months, affecting 17.6 million individuals, according to threat analyst Brett Callow.
“The considerable spike in ransomware activity so far this year is a clear indicator of the evolving nature of the threat landscape,” said Matt Hull, global head of threat intelligence at NCC Group.
“The better-known players, such as Lockbit 3.0, are showing no signs of letting up, newer groups like 8base and Rhysida are demonstrating what they’re capable of, and Clop has exploited a major vulnerability for the second time in just three months.”
Ransomware targets
The industrial sector is the biggest target for ransomware attacks, according to NCC Group, accounting for around a third of attacks. Consumer cyclicals (12%) and technology (11%) are the next two biggest targets.
In terms of geographical location, North America is seeing the bulk of the attacks, with just over half of the total in June. Europe (27%) and Asia (9%) follow behind.
2023 is fast becoming the year of ransomware. The Thales Data Threat Report issued in April claimed that 48% of IT professionals had seen a rise in ransomware attacks, with 22% of organisations reporting they had been a victim of an attack in the past year.
Exploitation of a known vulnerability was blamed for just over a fifth of those attacks, showing how reliant businesses are on software vendors securing their products.
The Thales report found that only half of companies have a formal ransomware response plan and that two-thirds of ransomware victims had suffered a degree of data loss.
Related cybersecurity reading
NEXT UP
Alexey Kalachik, CEO & Co-Founder at Fively: “The potential for digitalisation within insurance is enormous”
We interview serial entrepreneur Alexey Kalachik, CEO & Co-Founder at Fively, on the future of fintech and what makes this space so exciting for startups.
IBM bolsters AI push with Microsoft Copilot launch
In a bid to boost its AI offering, IBM Consulting will enable enterprises to create and manage AI copilots – including Copilot for Microsoft 365
Andrew Kay, Director of Systems Engineering APJ at Illumio: “The most worrying development with ransomware is that it has evolved from simply stealing data to impacting IT availability”
Andrew Kay, Director of Systems Engineering APJ at Illumio, has 20 years’ experience helping organisations strengthen their cyber resilience. We interview him as part of our Threats series on cybersecurity.