A 143% increase in ransomware victims is attributed to zero-day exploits.
Cloud firm Akamai’s report indicates that in the past 6 months, hacker groups have transitioned from phishing techniques to exploiting vulnerabilities, causing a surge in affected victims.
Titled ‘Ransomware on the Move: Evolving Exploitation Techniques and the Active Pursuit of Zero-Days’, the study highlights several statistics on cyberattack patterns. Notably, it emphasizes a 143% YoY surge in victims during Q1, driven by a rise in zero-day and one-day vulnerabilities.
Zero-day vulnerabilities refer to unidentified software security flaws or those without a current solution.
The report suggests that ransomware groups are primarily focusing on extracting files for extortion. Shockingly, some victims faced attacks from two separate ransomware groups within the report’s timeframe. Additionally, victims of multiple attacks have a nearly six-fold chance of another attack within three months of the initial breach.
Most ransomware victims in the EMEA region belong to organizations earning up to US$50 million in revenue. The rationale is that smaller firms, potentially with fewer security resources, are more vulnerable.
Regarding industries, the most susceptible to ransomware attacks in EMEA are manufacturing, business services, retail, construction, and education. These sectors are at higher risk due to their reliance on specialized and older operating systems and an expanded attack environment stemming from a high number of connected devices.
When identifying the perpetrators, CL0P’s presence in the EMEA ransomware scene has grown eleven-fold. In contrast, LockBit malware accounted for 45% of the region’s attacks, and it played a dominant role in sectors like manufacturing, business services, and retail.
Richard Meeus, Director of Security Technology and Strategy at Akamai, remarked, “Ransomware remains a significant threat for diverse organizations. It is imperative for businesses to recognize the evolving nature of ransomware and fortify their defenses through a comprehensive cybersecurity approach and training against social engineering.”
This narrative of escalating attacks resonates with other industry observations. For instance, in June, Verizon highlighted that the average cost per ransomware attack has surged in the past two years. Simultaneously, Orange Cyberdefense mentioned that Q1 saw an unprecedented volume of cyber extortion attacks. Nokia reported a substantial rise in IoT devices used for DDoS attacks, from 200,000 last year to over 1 million now.
Emerging telecom technologies, especially those supporting IoT expansion, bring numerous benefits but also introduce more avenues for malicious activities. If these trends persist, it might tarnish the reputation of the IoT sector in the coming years.