Tag Archive for: high

Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline


Chainalysis got everyone’s attention with their new report. They write, in part:

2023 marks a major comeback for ransomware, with record-breaking payments and a substantial increase in the scope and complexity of attacks — a significant reversal from the decline observed in 2022, which we forewarned in our Mid-Year Crime Update.

Ransomware payments in 2023 surpassed the $1 billion mark, the highest number ever observed. Although 2022 saw a decline in ransomware payment volume, the overall trend line from 2019 to 2023 indicates that ransomware is an escalating problem. Keep in mind that this number does not capture the economic impact of productivity loss and repair costs associated with attacks. This is evident in cases like the ALPHV-BlackCat and Scattered Spider’s bold targeting of MGM resorts. While MGM did not pay the ransom, it estimates damages cost the business over $100 million.

The following figure from their report captures 2023 in terms of the number of different groups, the median ransom payment and frequency of payments per group.  A text description is provided in their report.

Source: Chainalysis

Read more at Chainalysis.

Source…

Ransomware Payments Hit $1bn All-Time High Last Year


Ransomware actors collected over $1bn in extortion money from their victims in 2023 – a record high – according to Chainalysis.

The blockchain analysis company warned that even this is likely to be a conservative estimate of the financial impact of ransomware last year, as new cryptocurrency addresses are likely to be discovered over time. It said the figure for 2022 has already been revised up 24% to $567m, for example.

The figure also does not capture other costs associated with ransomware breaches, such as operational disruption, lost custom and expenses related to third-party incident response and forensics.

Two new regulatory filings from victims Clorox and Johnson Controls late last week revealed an initial combined cost of $76m related to two serious breaches at the companies last year.

Ransomware payments have been on the rise since 2019 when Chainalysis began recording the market, aside from a dip in 2022.

However, 2023 saw a “major escalation in the frequency, scope and volume of attacks,” driven by a surge in the number of groups carrying out attacks. These groups were “attracted by the potential for high profits and lower barriers to entry,” the report revealed.

It claimed big-game hunting from groups like Clop has become the “dominant strategy” over recent years, with more and more payments of $1m or more showing up. Ransomware-as-a-service (RaaS) also continues to have an outsized impact in drawing in more affiliates – many of which target smaller victims with lower ransoms.

As has been the case for several years, the ready availability of hacking tools and initial access broker (IAB) services made their job even easier last year. In the case of big-game hunters, exploitation of zero-day vulnerabilities became more popular, such as in the infamous MOVEit campaign, the report continued.

The past year saw an increase in the use of bridges, instant exchangers and gambling services – alongside centralized exchanges and mixers – as a preferred method of laundering funds.

“We assess that this is a result of takedowns disrupting preferred laundering methods for ransomware, some services’ implementation of more robust AML/KYC policies,…

Source…

Zero-day, supply-chain attacks drove data breach high for 2023


“The complexity of modern software supply chains adds to this challenge, as it can hide potential security flaws and make comprehensive vetting difficult,” Neal adds.

Number of data breaches rise, but fewer victims

While the number of data breaches was up, the ITRC found a decline in the number of victims affected by the compromises, to 353,027,892, a 16% decline from 425,212,090 in 2022. That decline is part of a longer trend. “If you go back to 2018, which was the high point for victim count, we’re down 84%,” Lee says. “Identity thieves have changed their tactics. They’re more targeted, both in what they’re attacking and the information that they’re seeking.”

“Attackers today who want personal identifying information are more able to target the right systems,” Bach says. “If you’re more precise about the systems that you target, there’s going to be less collateral damage. That’s how we can see the number of attacks go up while the number of affected individuals goes down.”

“The breaches we’re seeing affect organizations more directly than individuals,” adds Luciano Allegro, co-founder and CMO of BforeAi, a threat intelligence company. “Many companies have stepped up their data privacy efforts due to GDPR and CCPA, but they are so focused on this aspect of data protection that they overlook the rest of their infrastructure.”

Supply-chain and zero-day attacks will continue to rise

The ITRC also reported that nearly 11% of all publicly traded companies were compromised in 2023 and that while most industries saw modest increases, healthcare, financial services, and transportation reported more than double the number of compromises compared to 2022.

For the coming year, Lee expects breach numbers to continue to trend upwards. “I don’t see any reason for it to go down,” he says. “With the increase in supply-chain and zero-day attacks, I believe we’re going to see another year of increases.”

Source…

UK At High Risk Of ‘Catastrophic Ransomware Attack,’ Parliamentary Committee Warns


The U.K.’s apparent lack of preparedness and insufficient investment in cybersecurity has reportedly left it highly prone to “catastrophic ransomware attacks,” as per a parliamentary committee.

What Happened: The joint committee on the national security strategy has raised concerns about the U.K.’s susceptibility to a cyber-attack capable of disrupting critical national infrastructure or CNI such as energy, water supply, transport, healthcare, and telecommunications services, reported The Guardian.

The committee criticized the U.K. government and the Home Office for their failure to address ransomware threats adequately and underscored their lack of sufficient investment to deter large-scale cyberattacks.

See Also: This AI Can Predict Your Passwords With A 95% Accuracy Rate Based On Your Keyboard Clicks

Recent ransomware attacks on U.K. public services, including the NHS and, Redcar and Cleveland council, were pointed out as indicators of the looming threat. The committee also expressed concerns about the vulnerability of the U.K.’s CNI due to its dependence on outsourced IT systems.

The report warned of potential threats to human lives from future ransomware attacks if cyber criminals manage to interfere with CNI operations. The NHS was identified as a particular area of concern given its outdated IT services and lack of investment.

Additionally, the committee pointed out ransomware groups in Russia, North Korea, and Iran as primary threats targeting the U.K., based on information from the National Cyber Security Centre or NCSC.

Harjinder Singh Lallie, a cybersecurity expert at the University of Warwick, suggested regularly updating operating systems and computer hardware could mitigate overall costs and disruption.

In response to the report, a government spokesperson said, “The UK is well prepared to respond to cyber threats and has taken robust action to improve our cyber defenses, investing £2.6bn under our cyber security strategy and rolling out the first ever government-backed minimum standards for cybersecurity through the NCSC’s cyber essentials scheme.”

Why It Matters: This warning comes on the heels of increased ransomware attacks globally. Just last…

Source…