Ransomware attacks jump 84% in 2023: NCC
Ransomware attacks increased by 84% in 2023, according to global cybersecurity firm NCC Group. It said the 4,667 cases recorded far exceeded its expectations for about 4,000 ransomware attacks in the year.
Although 2023 closed with a 12% drop in ransomware attacks between November and December, the number of attacks was up 45% year-on-year, driven by new threat actors.
NCC said three new groups entered the top ten most active ransomware groups last month: Hunter, thought to be a rebrand of Hive after it was dismantled by Europol and the FBI, ranked in fifth place, followed by DragonForce in sixth and WereWolves in tenth place.
LockBit took the top spot for the most ransomware attacks in December 2023, followed by Cactus, Play and BlackCat.
NCC also tracked more activity from malware families in December, in particular from Hydra mobile malware and Qakbot. Meduza Stealer also resurfaced last month, with a new version that NCC said helps cybercriminals make their attacks more sophisticated through methods such as account takeover, online banking theft and financial fraud.
“The re-emergence of significant malware families helps attackers to develop their own methods of gathering intelligence and understanding vulnerabilities, to prepare for the delivery of ransomware to their victims,” NCC said.
North America and Europe remained the most targeted regions in NCC’s December analysis, accounting for 80% of global attacks. North America recorded 51% of ransomware attacks in December, although down 9% from November, while Europe saw a 29% drop in cases. NCC noted an increase in ransomware attacks in Russia in December, to account for 11% of all attacks in Europe.
Industrials was the most targeted sector in December, NCC said, followed by consumer cyclicals and technology, with healthcare in fourth place, falling out of the top three.
Matt Hull, global head of threat intelligence at NCC Group, said: “Although December saw a slight dip in ransomware levels down from the November statistics, the overall increase from December 2022 is a reminder of the growing cyber threat landscape and the importance of adopting the appropriate preventative measures to mitigate the risk of complex attacks”.
“Closing 2023 with over 4,000 global ransomware attacks is reflective of the sharp rise of cybercriminal activity compared with 2022. Over the year, we’ve seen the development of sophisticated attack methods, allowing both new and old threat groups to exploit vulnerabilities of victims across a range of sectors, and in particular present threats to healthcare, where we’ve seen notable successful attacks over the last 12 months with vast volumes of data being compromised,” he added.