Ransomware Attacks Skyrocket in 2023

Written by

Ransomware attacks surged by 74% in Q2 2023 compared to the first three months of the year, a new report has found.

The 2023 SonicWall Mid-Year Cyber Threat Report observed two “very unbalanced quarters” regarding the volume of ransomware attacks so far this year. SonicWall Capture Labs Threat Researchers recorded 51.2 million attacks in Q1 2023, representing the smallest number of attacks since Q4 2019.

However, ransomware resurged during Q2, with 88.9 million attacks seen – a rise of 74%.

Over the first half of 2023, ransomware declined by 41% compared with H1 2022. The researchers identified a range of factors for this fall:

  • Increased law enforcement scrutiny: This includes the takedown of the Hive ransomware gang in January 2023 and US and UK sanctions against Trickbot members in February 2023, which impacted the activities of major cyber-criminal groups.
  • Political and economic climate: The researchers said that organizations are less willing to pay a ransom demand, both because of growing financial difficulties and increasing awareness that such payments could be supporting Russia in its ongoing conflict with Ukraine.
  • Shift in tactics: The report also observed an uptick in “pure extortion attacks,” with cyber-criminals increasingly relying on the threat of data leaks rather than encrypting data to extort victims. Such schemes “do not trigger a ransomware detection.”

However, the significant increase in ransomware over April, May and June 2023 suggests that attackers are regrouping. The report noted: “Taken with the monthly trends, this suggests ransomware could rebound as we continue moving through 2023.”

In July 2023, Chainalysis found that in the first half of 2023, ransomware attackers extorted $176m more than the same period in 2022, reversing a downward trend in 2022.

SonicWall President and CEO Bob VanKirk commented: “The seemingly endless digital assault on enterprises, governments and global citizens is intensifying, and the threat landscape continues to expand.”

Other Vector Trends

The Cyber Threat Report revealed an enormous 399% rise in cryptojacking in the first half of 2023 compared to 2022, reaching over 332 million hits. According to the researchers, this is part of a broader trend of attackers pivoting to lower-cost, less risky attack methods – in this case, stealing compute power to mine digital currency.

Another significant finding in the report was a 37% increase in IoT malware in H1 2023, with connected devices viewed as weak point of entry into organizations.

The researchers also identified a total of 172,146 never-before-seen malware variants in the first six months of 2023, which is a 36% reduction year-over-year. This suggests “bad actors are spending less time on research and development, and more time on volume-based attacks – utilizing open-source tools that may be less likely to be intercepted,” the report noted.

On July 26, 2023, a report from Sophos found that the education sector had a higher share of ransomware victims than any other in 2022.

What’s hot on Infosecurity Magazine?