Surge in ransomware attacks surpasses yearly predictions
Global cyber security and software escrow business, NCC Group, through its Threat Intelligence team, has reported a significant increase in ransomware attacks. The past month of November recorded a soaring 67% increase from the same period in 2022. The total figure for ransomware attacks in 2023 now stands at 4,276, surpassing the predicted total of 4,000 for the entire year.
The Industrial sector, agile in digitalisation for enhanced efficiency and productivity, has borne the brunt of these attacks, accounting for over a third of all cases, representing a 28% rise from October. Consumer Cyclicals and Healthcare were the second and third most targeted sectors with 18% and 11% of attacks respectively. The banking malware Carbanak made a return in November, assisting threat groups to gain network access through human entry points, and enabling criminals to control payment processing services.
In November, the number of global ransomware attacks rose 30%, leading to a total of 442 attacks. The figures for November, which ranks as the third most active month of 2023, follow a relatively quieter October, which witnessed 341 incidents. As such, November's figures have contributed significantly towards the total number of global ransomware attacks overrunning the predicted yearly figure of 4,000.
The geographical spread of these cyberattacks saw North America, Europe, and Asia as the top three targeted regions, with respective percentages of 50%, 30%, and 10%. However, there was a conspicuous increase in undisclosed targets, rising from 3 to 7, which suggests that the actual number of targeted regions may be larger.
Notable among the threat actors were LockBit, the most active, with a whopping 73% month-on-month increase in activity from October. This trend served to maintain LockBit's position as the most prominent threat actor throughout 2023, barring the months of March, June, and July. The second place was taken by BlackCat, contributing 11% of attacks in November. The third most active group was Play, which was also recorded as having its most active month in November.
Commenting on the concerning trend, Matt Hull, Global Head of Threat Intelligence at NCC Group, stated, "After a dip in ransomware levels in October, the return to another active month in November brings the total number of ransomware attacks in 2023 - beyond what we predicted. With one month of the year still to go, the total number of attacks has surpassed 4,000 which marks a huge increase from 2021 and 2022, so it will be interesting to see if ransomware levels continue to climb next year."
In light of the incessant attacks, Hull emphasises the critical need for businesses to stay prepared and not become complacent. He sees ransomware groups as typically active in the lead up to Christmas, and hence, advocates for cybersecurity to become a key priority, particularly for the Industrial sector, to improve supply chain resilience.