69% of Organizations Infected by Ransomware in 2023

/in


Over two-thirds (69%) of organizations experienced a successful ransomware incident in the past year, according to Proofpoint’s 2024 State of the Phish report.

This represents a rise of five percentage points compared to the previous year, according to the firm.

Close to 60% of these organizations reported four or more separate ransomware incidents in 2023, emphasizing the scale of this threat.

Over half (54%) of infected organizations admitted they paid a ransom to attackers. This marks a significant reduction on the proportion who paid in the previous year, which was 64%.

Paying a ransom was no guarantee of resolving the issue, with just 41% of organizations who paid regaining access to data after their first payment.

On February 23, 2024, Cybereason published research showing that 78% of organizations who paid a ransom demand were hit by a second ransomware attack, often by the same threat actor.

Almost all (96%) of organizations impacted by ransomware no have cyber insurance. More than nine in 10 (91%) of insurers helped with ransom payments in 2023, up from 82% in 2022.

Read here: LockBit Takedown: What You Need to Know about Operation Cronos

MFA Bypass and Other Social Engineering Trends

The Proofpoint research highlighted that attackers are increasingly using advanced techniques to bypass multifactor authentication (MFA). Typically, these techniques involve proxy servers to intercept MFA tokens, with several off-the-shelf phishing kits now including MFA bypass functionality.

For example, the company said it observes around one million phishing threats use the EvilProxy framework every month. This tool is based on a reverse proxy architecture which is designed to harvest MFA-protected credentials and session cookies.

Despite the growing availability of MFA bypass capabilities, 89% of cybersecurity professionals surveyed still consider MFA to provide complete protection against account takeover.

Attackers are evolving their social engineering techniques in a range of other ways. This includes an increase in the use of QR codes as an alternative to links or attachments in phishing messages.

The researchers noted that this technique is particularly dangerous as…

Source…