HomeCII/OTMedian Ransomware Demands Increase to $600,000 Each

Median Ransomware Demands Increase to $600,000 Each

Published on

spot_img

Ransomware attacks are wreaking havoc on various industries, with the median initial ransom demands for 2023 rising by 20% to reach $600,000, according to Arctic Wolf’s annual cybercrime report. The legal, government, retail, and energy sectors have been particularly hard hit, now seeing median demands of $1 million or more.

The Arctic Wolf report, released this week, revealed that the manufacturing vertical was the most heavily targeted industry, with 708 instances of attacks listed on various Dark Web leak sites. This is likely due to the fact that production downtime poses an existential threat to factories, making them ripe targets for extortion.

Close behind manufacturing, business services was the next most commonly listed industry sector on ransomware gangs’ Dark Web sites with 450 instances, followed by education/nonprofit (321), and retail/wholesale (305).

The report also highlighted the key players behind these attacks, with three main groups—LockBit 3.0, BlackCat/ALPHV, and Cl0p—emerging as the primary threat actors. While there are dozens of smaller operators in the ransomware space, these groups dominated the cybercrime landscape. LockBit in particular accounted for 926 attacks in Arctic Wolf’s telemetry, more than twice the 402 carried out by its nearest competitor, BlackCat, and 381 attacks attributed to Cl0p.

These findings were echoed by other researchers in the field. Don Smith, vice president of threat intelligence at Secureworks Counter Threat Unit, noted that LockBit holds a 25% share of the ransomware market, with BlackCat coming in second at around 8.5%. Smith emphasized the significance of LockBit’s takedown, calling the group the most prolific and dominant ransomware operator.

He added that LockBit had positioned itself as a global business opportunity and had scaled its operations through affiliates at a rate that far outstripped its competitors.

Ransomware attacks have become a lucrative and attractive business for cybercriminals, as they continue to target a wide range of industries, holding critical systems and data hostage until their demands are met. With the median initial ransom demands rising to $600,000 and some sectors facing demands of $1 million or more, the impact of these attacks on organizations and the broader economy cannot be overstated.

Law enforcement agencies around the world are actively working to disrupt these ransomware operations, but the increasing prevalence and sophistication of these attacks underscore the need for organizations to prioritize cybersecurity and take proactive measures to protect their networks, systems, and data. As threat actors continue to evolve their tactics, organizations must also adapt their security posture to effectively defend against these growing cyber threats.

Source link

Latest articles

Malicious Google Notes Extension Changes Crypto Wallet Addresses During Transactions

Malicious Chromium Extension Undermines Cryptocurrency Transactions In recent cybersecurity news, a highly sophisticated campaign has...

AI-Generated Ransomware Exploits Chromium API on Windows and Android

Emergence of Browser-Only Ransomware Marks a New Era in Cyber Threats Cybersecurity researchers have identified...

Sandbox Bypass Vulnerabilities in Cursor IDE Spotlight Prompt Injection as a RCE Vector

Cursor, a prominent software company recently acquired by SpaceX for a staggering $60 billion...

Quantum Breakthroughs Compress Post-Quantum Computing Timeline

Next-Generation Technologies & Secure Development Microsoft, Google and AWS cite major...

More like this

Malicious Google Notes Extension Changes Crypto Wallet Addresses During Transactions

Malicious Chromium Extension Undermines Cryptocurrency Transactions In recent cybersecurity news, a highly sophisticated campaign has...

AI-Generated Ransomware Exploits Chromium API on Windows and Android

Emergence of Browser-Only Ransomware Marks a New Era in Cyber Threats Cybersecurity researchers have identified...

Sandbox Bypass Vulnerabilities in Cursor IDE Spotlight Prompt Injection as a RCE Vector

Cursor, a prominent software company recently acquired by SpaceX for a staggering $60 billion...