Ransomware attacks surged by nearly 100% last year, reaching approximately 4,200 cases compared to 2,200 in 2022, according to the latest report from threat intelligence firm Cyble. The study, titled Cyble’s Threat Landscape Report 2023-24, warned that the proliferation of artificial intelligence (AI) technology is set to significantly enhance the effectiveness of social engineering attacks. By leveraging AI-driven advancements, attackers are able to create highly personalized and convincing tactics for social engineering.
The United States experienced the highest number of ransomware attacks, with India’s governmental institutions, law enforcement agencies, and banking, financial services, and insurance sectors being the prime targets after the US. The professional services, manufacturing, and construction sectors were the most frequently attacked industries throughout the year. However, the healthcare, transportation and logistics, and energy and utilities sectors also faced severe attacks.
The report revealed that ransomware groups like Lockbit, ALPHV, and CL0P accounted for over 42% of the total ransomware attacks in the past year. In terms of global reach, ransomware attacks were reported in 117 countries, with organizations based in the US, the UK, Canada, Germany, and Italy being targeted the most, making up 65% of total attacks.
Despite the rise in ransomware attacks, sustaining the reputation for ransomware groups has become increasingly challenging. This is due to declining ransom payments, heightened enforcement actions by law enforcement agencies, the need for continuous innovation to remain undetected, the disintegration of affiliate networks, and the emergence of smaller, covert groups willing to settle for lower payouts.
The report also highlighted a notable increase in deception-based attacks, which involve SEO poisoning, malvertising, QR codes, and open-source package supply chain attacks. QR fraud, specifically, refers to scams using QR codes. Scammers employ quishing tactics by sending phishing emails containing QR codes, masquerading as reputable companies. These emails often falsely claim issues like failed online payments, urging victims to scan QR codes and provide their credit card information.
In 2023, threat actors expanded their language toolkit by incorporating languages such as Rust, Go, and Nim. This transition deviated from traditional programming languages like Microsoft Visual C++, C# .Net, and Java that had been commonly used for such purposes.
As the threat landscape continues to evolve, organizations must remain vigilant in their cybersecurity efforts. Implementing robust security measures, employee awareness training, and adopting the latest technologies to detect and prevent attacks are crucial steps in safeguarding against the increasing potency of social engineering and ransomware attacks.
This alarming reality serves as a reminder that cybersecurity should remain a top priority for governments, businesses, and individuals alike. Heightened awareness, proactive defenses, and collaborative efforts are essential to effectively combat the evolving threat landscape and protect digital assets.