December 8, 2023
By Nick Graham - Solution Architect – Public Sector, Skyhigh Security
As we near the end of 2023, Skyhigh Security has observed a concerning surge in ransomware attacks that have significantly reshaped the cybersecurity landscape. This year has been a challenging one for businesses worldwide, highlighting the critical role of advanced security solutions in combating these threats.
What Have We Seen in the Past?
In both 2021 and 2022, we saw an increase in supply chain attacks. Instead of targeting a single entity, attackers have expanded their reach through supply chain attacks. The 2021 Kaseya attack, which impacted over 1,500 of its managed service provider customers, serves as a prime example. We saw a rise in the tactic of double extortion. Traditionally, ransomware involved encrypting data and demanding a ransom for decryption. However, with double extortion, attackers exfiltrate the data, threatening to leak it publicly if the ransom isn’t paid.
Skyhigh Security’s Analysis of Ransomware Trends
- Supply Chain Vulnerabilities: This year, we witnessed a shift in attack strategies, notably in supply chain attacks. The Kaseya incident in 2021 was a precursor to the more sophisticated attacks we’ve seen this year.
- Double Extortion Techniques: Our team observed an increase in double extortion tactics, where attackers not only encrypt data but also threaten its public release.
- Ransomware as a Service (RaaS): A notable trend in 2023 was the proliferation of RaaS, simplifying the execution of ransomware attacks for cybercriminals.
- Exploitation of Unpatched Systems: Many attacks targeted known vulnerabilities, emphasizing the importance of regular system updates and patch management.
- Phishing as a Gateway: Phishing remained a primary vector for ransomware, underscoring the need for ongoing employee awareness training.
A Record-Breaking September
Skyhigh Security’s global telemetry data indicates a peak in ransomware activity in September, with over 500 attacks recorded. This highlights the need for enhanced cybersecurity vigilance. This spike was heavily influenced by the Clop’s Fortra GoAnywhere data theft attacks. The rapid escalation of such attacks emphasizes the critical need for organizations to enhance their cybersecurity measures.
The Financial Implications
According to the Verizon Data Breach Investigations Report, ransomware was involved in 25% of all breaches in 2022. Research by Chainanalysis also found that ransomware attackers extorted at least $456.8 million this same year, signaling the substantial economic impact of these attacks.
Focus on the Octo Tempest Extortion Group
- Origin and Evolution: Initially known for SIM swap attacks, this group evolved into a formidable force in data extortion by mid-2023.
- Sophisticated Tactics: Our research reveals their use of advanced social engineering, SMS phishing, and extensive reconnaissance in their attacks.
- Tools and Collaboration: Their collaboration with Russian entities and use of sophisticated tools like PingCastle and ADRecon indicate a high level of operational sophistication.
Skyhigh Security’s Commitment
The rise in ransomware attacks in 2023 is not just a statistic; it impacts real businesses and individuals. At Skyhigh Security, we are dedicated to innovating and collaborating to counter these evolving digital threats. Our commitment remains strong to ensure a secure digital future for all.
Join Skyhigh Security in Strengthening Cyber Defenses
As we prepare for 2024, Skyhigh Security invites you to partner with us in fortifying your cyber defenses. We provide comprehensive assessments into your security posture, cutting-edge solutions, and continuous support to safeguard organizations against the evolving threat landscape. Learn how we can tailor a robust cybersecurity strategy using cloud security to protect your critical assets and ensure business continuity. Let’s work together to create a more secure digital world.
Back to Blogs