Analysts at the NCC Group report that the March ransomware victim numbers were the highest in any month over the past three years. The February to March numbers surged 91% from 240 to 459 due largely to the highly publicized GoAnywhere MFT vulnerability that the CLOP ransomware group exploited as a zero-day across 130 known victims in just ten days.
The month’s activity surge in ransomware attacks continues the upward trend NCC has observed since the beginning of the year and illustrates a 62% increase, year-on-year, when compared to March of 2022.
At 147, the industrial sector received the most ransomware attacks, accounting for 32% of all recorded attacks. Though this was an 87% increase in the number from January, proportionally it remained within 1% of all attacks, confirming that the industrial sector remains the most popular target for ransomware.
“Industrials contains possibly the widest variety of industries that provide threat actors with opportunities to extort PII/IP and cause operational disruption to incentivize ransom payments” reads the report.
Naveen Sunkavalley, Chief Architect, Horizon3.ai:
“A significant proportion of vulnerabilities, including CVE-2023-0669, have been exploited by threat actors as zero-days. This will continue to be the case. This means that, no matter how well companies harden their perimeter, they must be prepared for the eventuality of being breached.
“The NCC report lists several tactical steps to protect against the GoAnywhere MFT vulnerability. But the real question is, what are you doing to prepare for the next zero-day? We recommend all companies take a hard look at their internal networks to shore up their threat detection and defense-in-depth practices to prevent a ransomware-type event after breach.”
This number of attacks is crazy high. And it shows that more needs to be done to ensure that IT environments are as secure as possible to bring this number back down to a more “sane” level.
Related
This entry was posted on April 19, 2023 at 3:36 pm and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
March 2023 Had The Most Ransomware Attacks In Three Years
Analysts at the NCC Group report that the March ransomware victim numbers were the highest in any month over the past three years. The February to March numbers surged 91% from 240 to 459 due largely to the highly publicized GoAnywhere MFT vulnerability that the CLOP ransomware group exploited as a zero-day across 130 known victims in just ten days.
The month’s activity surge in ransomware attacks continues the upward trend NCC has observed since the beginning of the year and illustrates a 62% increase, year-on-year, when compared to March of 2022.
At 147, the industrial sector received the most ransomware attacks, accounting for 32% of all recorded attacks. Though this was an 87% increase in the number from January, proportionally it remained within 1% of all attacks, confirming that the industrial sector remains the most popular target for ransomware.
“Industrials contains possibly the widest variety of industries that provide threat actors with opportunities to extort PII/IP and cause operational disruption to incentivize ransom payments” reads the report.
Naveen Sunkavalley, Chief Architect, Horizon3.ai:
“A significant proportion of vulnerabilities, including CVE-2023-0669, have been exploited by threat actors as zero-days. This will continue to be the case. This means that, no matter how well companies harden their perimeter, they must be prepared for the eventuality of being breached.
“The NCC report lists several tactical steps to protect against the GoAnywhere MFT vulnerability. But the real question is, what are you doing to prepare for the next zero-day? We recommend all companies take a hard look at their internal networks to shore up their threat detection and defense-in-depth practices to prevent a ransomware-type event after breach.”
This number of attacks is crazy high. And it shows that more needs to be done to ensure that IT environments are as secure as possible to bring this number back down to a more “sane” level.
Share this:
Like this:
Related
This entry was posted on April 19, 2023 at 3:36 pm and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.