Recent data from Ransomlooker, a Cybernews tool dedicated to monitoring the dark web and hidden corners of the internet, reveals compelling insights into the prevalence and patterns of ransomware attacks throughout 2023.
Seasonal Patterns of Ransomware Attacks
Analysis of the Ransomlooker data highlights distinct seasonal trends in ransomware incidents:
- Spring and Summer: 1253 and 1275 ransomware victims, respectively.
- Winter and Autumn: 611 and 1052 incidents, respectively.
Interestingly, winter emerges as the least active time, comprising only 14.6% of the total attacks in 2023, while summer stands out as the peak season, with 30.4% of all recorded ransomware attacks.
Daily Impact: Averaging 36 Successful Attacks per Day
Ransomlooker data indicates an alarming frequency of ransomware attacks:
- Average of 36 successful attacks per day in 2023.
- More than one successful attack against a company per hour.
Global Targets: USA Takes the Lead
The United States consistently holds the undesirable position of the most targeted country globally, outpacing others significantly. The top five targeted countries, maintaining their positions over the past four years, include the United Kingdom, Canada, Germany, and France.
Notably, economically and technologically advanced countries like Italy, Australia, and Spain consistently find a spot in the top ten. Surprisingly, India and Brazil, despite their less progressive economies, remain on the top 12 list, reflecting their limited investment in advanced cybersecurity practices and heightened susceptibility to ransom attacks.
Active Ransomware Groups: LockBit Dominates
According to insights from the Cybernews research team, 66 active ransomware groups operated in the digital landscape in 2023. The top 10 groups collectively accounted for 59% of total victims.
LockBit emerged as the most active group, claiming responsibility for a significant portion of incidents:
- 1009 incidents, constituting nearly a quarter of all ransomware victims in 2023.
- Focus on the construction, manufacturing/industrial, and retail industries.
Industries Under Siege
The recent findings from Ransomlooker shed light on the evolving landscape of ransomware attacks, with a notable shift in targeted industries. The top three companies in the crosshairs of cybercriminals in 2023 include Stanford University, Volt, and CoinBase.
The data reveals the top 10 industries most targeted by ransomware groups, marking a departure from trends observed over the past three years:
- IT Services and IT Consulting
- Construction
- Manufacturing and Industrial
- Retail
- Hospitals and Health Care
- Insurance
- Law Practice
- Real Estate
- Software Development
- Machinery Manufacturing
This data signifies a significant shift, as the IT sector now claims the top spot in 2023, dethroning the previously dominant construction industry.
For further details and comprehensive insights, the full report can be accessed here. The data provided in the report encompasses information collected up to December 19th, 2023.