We’ve talked a lot about ransomware attacks in the last several years. But as the years go by, the number of incidents is not being controlled – in fact, incidents of cyber attacks are still on the rise. This week, research was released that detailed the state of ransomware attacks in February 2023, and the results may surprise you.
Cybercriminals have recently shifted from attacking large entities and targeted small companies. However, it seems that organized ransomware groups have no real preference any longer- any size organization is fair game to these guys.
Attacks were tracked by the researcher for the last 12 months, beginning in February 2022. Here are the statistics for ransomware demands that took place in February 2023, and the numbers reflect a record high. (Source: Malwarebytes)
- There were 242 recorded ransomware attacks during the tracked period of February 2023.
- Of these, 126 of them were claimed by the ransomware group LockBit.
- Newcomer group Medusa burst onto the scene in a flurry of activity that resulted in 19 attacks.
- One hundred fifteen of the attacks were on U.S. companies.
- The rest of the attacks were reasonably dispersed, with the following highest numbers being in the U.K. (12), Canada (10), France (10), and Italy (7).
- Eighty-seven incidents – or 36% of the attacks – were against companies in the services industry.
- The rest of the attacks were spread out across multiple industries. These included Logistics (21) and technology and retail businesses with (18) apiece.
- Manufacturing, dedication, and I.T. services firms were the victims of 15 attacks each.
- Food and beverage companies (14), construction companies (13), wholesale operations (9), healthcare facilities (9), and government entities (6) round out the list.
Even High Profile Organizations are at Risk
While small companies are easy targets for ransomware groups because they tend to have less security in place, but that doesn’t mean that they are shy about going for the most prominent targets either. In late February of 2023, the U.S. Marshals Service (USMS), a federal agency, was hit with a ransomware attack. The agency was infiltrated, resulting in confidential information about staff and fugitives being leaked. While attacks on governments worldwide are pretty common, attempts to infiltrate the U.S. federal government are much more rare.
This attack proved that no one is safe from these bold ransomware groups – from a small firms to the most extensive government bureaucracy. The attack made headlines not seen since DarkSide’s Colonial Pipeline attack last year. But unlike that incident, the USMS attack remains a mystery. The criminal outlet behind the hack was not revealed to the public; neither were any details regarding the ransom demanded or paid. The most surprising aspect of this attack is that the known ransomware gangs are rarely this bold, and it seems puzzling that they would actually expect to receive payment. It will be interesting to learn more as details emerge as to who was behind the attack and what motivated them. The most likely scenario is that members of a ransomware group went rogue and broke the “code of conduct” for their own criminal enterprise.
At Alliance IT, we specialize in helping small to medium size businesses to fortify and protect their data and information. From everyday security to ransomware protection, we are the Sarasota experts to call.