Ransomware Payments Exceed $1 Billion In 2023….. WTF?
I have to admit that this has stunned me, as the conventional thinking is that you don’t pay threat actors to get your data back. But apparently there are plenty of people who don’t buy into that, as this report states that ransomware payments exceeded $1 billion in 2023:
In 2023, ransomware actors intensified their operations, targeting high-profile institutions and critical infrastructure, including hospitals, schools, and government agencies. Major ransomware supply chain attacks were carried out exploiting the ubiquitous file transfer software MOVEit, impacting companies ranging from the BBC to British Airways. As a result of these attacks and others, ransomware gangs reached an unprecedented milestone, surpassing $1 billion in extorted cryptocurrency payments from victims.
And:
2023 marks a major comeback for ransomware, with record-breaking payments and a substantial increase in the scope and complexity of attacks — a significant reversal from the decline observed in 2022, which we forewarned in our Mid-Year Crime Update.
Ken Westin, Field CISO, Panther Labs had this comment:
The fact the numbers have increased this year shouldn’t be surprising. Ransomware groups operating in Russia were emboldened by the Ukraine conflict and many ransomware groups removed a lot of restrictions they previously had regarding targeting of schools, government agencies and critical infrastructure. The exploitation of software vulnerabilities such as MOVEit has also played a devastating role in the compromise of companies and institutions. Many IT departments were unaware the tool was running in their environments. In addition to the money paid to ransomware gangs, there is also the increasing cost of damage imposed by ransomware on organizations that don’t pay the ransom.
This has to serve as a wake-up call that all of us can no longer sleepwalk through this ransomware crisis. Everyone needs to take action. Every part of a defensive playbook, from detection to remediation to a policy of not paying threat actors, needs to be on the table and acted upon. Because this is the only way to stop this crisis.
This entry was posted on February 7, 2024 at 10:32 am and is filed under Commentary with tags Security.