Ransomware and extortion incidents surged by 67% in 2023, according to NTT Security Holdings’ 2024 Global Threat Intelligence Report.
Global ransomware crisis
After a down year in 2022, ransomware and extortion incidents increased in 2023. More than 5,000 ransomware victims were detected or posted across multiple social channels, up from approximately 3,000 in 2022. The number of victims is likely higher because the research does not reflect incidents where ransoms were paid before the listing was made public.
“Our 2023 report highlighted the increase in cyberthreats affecting day to day life, economic conditions, and privacy,” said Jeremy Nichols, NTT Security Holdings’ Global Threat Intelligence Center director. “We expect this to soar in 2024 as threat actors create more sophisticated attacks using artificial intelligence to exploit growing attack surfaces and take advantage of limited cyber budgets and staff shortages.”
Ransomware gangs threaten to leak sensitive healthcare data
Critical infrastructure, supply chain, and financial services face the most risk. The top sectors threat actors are attacking require near perfect uptime because service disruptions can affect lives, making them more likely to pay a ransom to restore access to their vital systems and data. Manufacturing topped the list of attack sectors in 2023 at 25.66% and had the most ransomware victims posted on social channels with 27.75%.
Ransomware gangs and affiliates are using less moral and ethical tactics to obtain payments. They are targeting sectors previously considered off limits, including healthcare, non-profits, and energy companies. They have threatened to release sensitive medical photos or patient records if ransoms are not paid.
Small and medium-sized enterprises face the largest challenge combating cyberthreats. More than 50% of ransomware victims had less than 200 employees while 66% had less than 500 employees, according to the research.
Humans remain the weakest link in cybersecurity
Threat actors continue to exploit vulnerabilities and zero days in the most popular software programs. The list of corporate software options and new vulnerabilities continues to increase while malicious software simultaneously evolves, using generative AI to quickly integrate and exploit high and critical severity vulnerabilities.
Humans remain the weakest link in cybersecurity, and it is getting worse. Hybrid cloud environments, bring your own device, and third-party integrations have expanded the attack surface for most organizations. Cybersecurity roles and responsibilities are expanding, cyber budgets are getting slashed, and there are more tools to complete these responsibilities, increasing staff fatigue and burnout.
“Organizations are struggling to defend against routine exploitation, malware, and ransom or extortion threats,” Nichols concluded.