Check Point Research has released its 2023 Mid-Year Security Report. The research reveals a concerning 8% surge in global weekly cyber-attacks during Q2, marking the most significant increase in two years.
The report highlights the fusion of advanced artificial intelligence (AI) technology with traditional tools like USB devices used for disruptive cyber-attacks. It also uncovers a rise in ransomware attacks in the first half of 2023, introducing new ransomware groups to the scene.
Other significant findings include the evolution of ransomware tactics. The report found that ransomware groups are exploiting vulnerabilities in common corporate software and shifting focus from encrypting data to stealing it.
As mentioned above, USB devices have resurfaced as threats, employed by both state-affiliated groups and cyber-criminals to distribute malware globally. Hacktivism is on the rise, with politically motivated groups conducting targeted attacks.
The misuse of AI has escalated, as attackers use generative AI tools for phishing emails, keystroke monitoring malware and basic ransomware code.
In the first half of 2023, over 2200 victims fell victim to 48 ransomware groups. Lockbit, with a 20% increase in victims compared to the previous year, led the pack. Emerging groups like Royal and Play appeared as Hive and Conti Ransomware-as-a-Service (RaaS) groups disbanded.
Read more about Royal: CISA Warns Against Royal Ransomware in New Advisory
Geographically, 45% of victims were in the US, while Russian targets saw a surge due to “MalasLocker,” replacing ransoms with charitable donations. The manufacturing and retail sectors were most affected, indicating a shift in ransomware strategy.
“Familiar threats such as ransomware and hacktivism have evolved further, with threat groups modifying their methods and tools to infect and affect organizations worldwide,” commented Maya Horowitz, VP of research at Check Point Software.
“Even legacy technology such as USB storage devices, which have long been gathering dust in desk drawers, have gained popularity as a malware messenger.”
The executive also warned organizations of the importance of building a cyber-resilience strategy and strengthening their defenses by adopting a prevention-first, integrated approach to cybersecurity.
“Cyber-attacks are inevitable but can be largely prevented by proactive measures and the right security technologies,” Horowitz concluded.
The report’s insights are drawn from data analyzed in the Check Point ThreatCloud Cyber-Threat Map. The full report is accessible here.