Hackers fleeced victims of more than $1.1 billion last year, thanks to a significant resurgence among random ware groups.
The news comes as the NCSC issues a warning about state-sponsored cyber attackers hiding on critical infrastructure networks.
In 2023, cybercriminals intensified their worldwide activities after a downturn in 2022, with hospitals, schools, and large corporations falling victim.
According to a report from the blockchain platform, Chainalysis, payments to criminal gangs in the wake of attacks doubled compared with 2022 when $567m was paid out.
The report noted that last year saw a rise in “big game hunting” tactics used, resulting in a larger portion of ransom payments exceeding $1 million, primarily targeting wealthier organisations.
This coincides with a new warning by the NCSC to critical infrastructure operators, regarding the threat posed by cyber attackers employing advanced methods to conceal their actions on victims’ networks.
Cybersecurity expert Andy Ward, VP International for Absolute Software, said: “The heightened risk of cyber-attacks, especially with the increasing volume of ransomware threats, makes larger organisations with vulnerable security systems a prime target.
“Ransomware threats do not discriminate across any business or sector, posing a significant global concern, especially when targeting critical national infrastructure.
Cybercriminals are persistently exploiting ransomware attacks, which pose a detrimental risk to businesses that aren’t sufficiently prepared
“Given the significant harm ransomware threats pose, organisations should be urged to implement a well-rounded cybersecurity strategy that includes both preventative and reactive actions. This involves evaluating existing cyber defences, adopting strong Zero Trust frameworks for verifying user identities, and setting up effective incident response plans”
Recorded Future reported 538 new ransomware variants last year, signalling the rise of fresh, autonomous groups. Notably, the Clop group emerged as a prominent player, acknowledging its role in the hack of payroll provider Zellis.
This attack exploited a vulnerability in MOVEit software, utilised for internal file transfers. Among the affected customers were British Airways, Boots, and the BBC.
Suid Adeyanju, CEO of RiverSafe said: “Cybercriminals are persistently exploiting ransomware attacks, which pose a detrimental risk to businesses that aren’t sufficiently prepared.
“As these ransomware attacks surge, especially against critical national infrastructure, organisations must increase their threat intelligence, adopting a comprehensive strategy that blends advanced technologies and heightened observability to better protect against the increased complexity of attacks.
“These attacks show no sign of slowing down, so taking measures to secure data and mitigate cyber risks should be a top priority for these organisations.”
Ellie Ludlam, a partner specialising in cybersecurity at UK law firm Pinsent Masons, said she expected the increase in attacks to continue.
“This increase is expected to continue in 2024 and with an ongoing focus on mass data exfiltration by threat actor groups, which holds the potential for higher ransom payments by impacted companies,” she said.
Related
Huge ransomware attack affects businesses across Europe
One in fuve companies are victims of cyber attacks
How to protect your business against ransomware