Ransomware gangs are evolving the tactics and technology they use, leading to a surge in attacks this summer.
July this year has seen a huge leap in ransomware attacks, hitting all-time record levels with a 153% rise from the 2022 figures, a new report has warned.
With 502 attacks recorded in July by security consultancy NCC Group, industry was the most heavily targeted sector, accounting for 31% of attacks.
NCC says that the record-breaking rise is (in part) down to a reduction in ransomware attacks in 2022, due to law enforcement interventions.
This year has now seen a rise of 67% in the first half of the year, compared to 2022 – with a further rise in the summer months which some have speculated may be due to an economic downturn leading cybercriminals not to have ‘time off’.
NCC’s analysts say, ‘What we have seen is record numbers of victims of cyber-criminal groups deploying ransomware and operating double-extortion techniques… This is a staggering increase.’
Changing tactics
In July, one single threat actor Cl0p was responsible for 171 attacks, with a carefully planned campaign which used a flaw in MOVEit file transfer software.
Some of the attacks broke the mould by exfiltrating data rather than deploying ransomware, and reflect what NCC Group describes as an ‘ever-evolving’ market for ransomware and data exfiltration.
At Stratia Cyber, we see the devastating effects of ransomware attacks first-hand all too often.
Law firm 3VB for example, came to us after a ransomware attack, determined to upgrade their security. Our CREST-accredited penetration testers offered the insights the law firm needed to secure its systems.
Ransomware is one of those areas where prevention is most definitely better than cure – and thankfully, it’s easy to ensure that if you fall victim, you can bounce back without losing data, or time.
The NCSC (National Cyber Security Centre) offers some excellent guidance on how to avoid ransomware infections – including a ‘Defence in Depth’ strategy, and the paramount importance of backups (ideally offline, regularly updated, and in an ideal world off-site).
The NCSC writes, ‘You should assume that some malware will infiltrate your organisation, so you can take steps to limit the impact this would cause, and speed up your response.’
Ever-evolving assault
Ransomware shows no sign of slowing down, and the gangs are evolving their tactics rapidly to achieve their end goal of making money.
The effects of ransomware can be particularly devastating, with 83% of ransomware victims losing revenue, and 62% losing clients, according to research by tech discovery platform GetApp.
The rise of ‘ransomware as a service’ offering a new business model, and easy access to technology for less-skilled attackers.
At Stratia Cyber, we understand that every organisation has different goals and resources when it comes to cybersecurity.
Please get in touch if you’d like to book a no-obligation discussion with one of our experienced cyber security consultants.