According to a survey released on Saturday, the average number of attacks per organization in India reached 2,152 in the first half of 2023, representing a 20% year-over-year rise.
According to a report by cyber security and research company Check Point Research, 48 ransomware groups were identified in H1 2023. Lockbit3 was the most active ransomware at the time.
Additionally, it claimed that the demise of the Ransomware-as-a-Service (RaaS) groups Hive and Conti was related to the rise of new groups like Play. For instance, this group, which was responsible for cyberattacks against the city of Oakland, an attack on the Córdoba Judiciary in Argentina, and an attack on the German hotel chain H-Hotels, targets security managed service providers in order to gain initial access while utilizing up to five years’ worth of security appliance vulnerabilities.
According to Maya Horowitz, VP Research at Check Point Software, “Criminal activities have continued to rise in the first half of the year, with an 8% increase in global weekly cyber-attacks in the second quarter marking the highest volume in two years.”
Horowitz continued, “Even antiquated technology like USB storage drives, which have been collecting dust in desk drawers for a long time, have gained prominence as a virus messenger.
The most victims have been reported in the manufacturing and retail industries, which may indicate a change in ransomware attack tactics.
The research stated that “Ransomware groups have upped their game, exploiting weaknesses in frequently used corporate software and shifting their approach from data encryption to data theft.”
Notably, USB devices have come back into play as serious dangers, with both state-affiliated organizations and cybercriminals using USB drives as vectors for infecting organizations around the world.
The paper also stated that the misuse of artificial intelligence (AI) has increased, with generative AI tools being used to create ransomware code, keystroke monitoring malware, and phishing emails. This calls for stricter regulatory measures.
Undoubtedly, a different survey released this week also showed that, despite a minor drop in ransomware occurrences, the volume and effect of targeted attacks are increasing. According to cybersecurity company Fortinet, hackers are increasingly more selective in their attacks and prefer to infect valuable corporations over individual consumers.
“In search of greater rewards, more experienced attackers have recently switched to targeted ransomware techniques. According to Derek Manky, Chief Security Strategist & Global VP Threat Intelligence, “These attackers use customized tactics, techniques, and procedures to target very specific organizations based on their capacity to pay large ransoms.”
Researchers from the cyber security company CyberArk said that these attackers are incredibly resourceful and frequently go to considerable efforts to comprehend a victim’s technology stack in order to find and exploit vulnerabilities and to determine which data is the most valuable to encrypt and hold for ransom.
While cyber security teams are getting better at spotting threats, according to John Shier, field CTO at Sophos, attackers are also enhancing their tactics.
According to a report released on Thursday, the outcome revealed that even though “dwell times,” which measure the amount of time between the start of an attack and its detection, decreased by two percentage points, newer and more sophisticated cyber threats are still evolving as threat actors speed up their attacks and adopt new tactics.