Researchers from Securin have published the latest ransomware threat insights from 2023, including new APT groups, ransomware families and related attacks
ALBUQUERQUE, N.M., Jan. 23, 2024 /PRNewswire-PRWeb/ -- Today Securin, Inc. released its latest ransomware report, examining the prominent cybersecurity threat and documenting how its usage and manipulation by threat groups have evolved in 2023. Hopes that the ransomware threat environment would ease in 2023 proved misguided, with attacks increasing across the board, affecting businesses, governments, critical infrastructure, and more.
The 2023 Year in Review: Ransomware report drives this reality home, identifying 38 new vulnerabilities associated with ransomware in 2023. The report provides a deep dive into the state of ransomware as we head into 2024, with crucial information on newly identified vulnerabilities, insight into significant ransomware attacks, and new ransomware families and APT groups. The top three takeaways from this report include:
- The number of ransomware-associated vulnerabilities climbed significantly, from 344 in 2022 to 382 in 2023. Of these, the most weaponized was the Progress MOVEit Transfer Vulnerability (CVE-2023-34362), which was used to compromise more than 1,000 organizations, affecting 60 million individuals.
- Ten new ransomware families emerged in 2023 including Akira, Bloody and INC, leading to a total of 188 active ransomware families. Along with new families, Securin experts identified three existing advanced persistent threat (APT) groups—Scattered Spider, FIN8, and RomCom—adding ransomware to their arsenal.
- Cl0p, BlackCat, and Vice Society led the pack of ransomware groups in 2023. These three groups were responsible for damaging attacks against MGM Resorts, MOVEit Transfer and the Industrial and Commercial Bank of China.
Commenting on the key takeaways, Ram Movva, CEO and co-founder of Securin, said, "These discoveries are alarming, but they are far from surprising. Talking to our customers over the last year, we have heard the same thing over and over again: the attacks, successful or thwarted, just keep coming. This onslaught, combined with an ongoing talent shortage and slashed IT budgets, has created a combustible situation for organizations of every kind. Addressing these challenges head on, with the best information possible, will be essential to keeping the worst from transpiring in 2024."
The report also delves into the precise vulnerabilities exploited during 2023's most significant attacks. It provides several tips on how organizations can defend against and prevent these attacks, including education and training, regular software updates, patch management, and more.
"The fact is that, despite increased vigilance, major vulnerabilities continue to be ignored," Movva said. "Third-party software manufacturers and repositories like the NVD and MITRE are both struggling to stay fully informed of the active threats facing every organization. Our predictive platform has long been able to fill this gap for our customers, illuminating active threats before ransomware gangs began weaponizing them."
To learn more, the executive summary and the full report can be downloaded here: https://www.securin.io/ransomware-report-2023-year-in-review-download/
About Securin
Securin is a leading provider of tech-enabled cybersecurity solutions, helping hundreds of customers worldwide gain resilience against emerging threats. Our products and services are powered by accurate vulnerability intelligence, human expertise, and automation, enabling enterprises to make critical security decisions to manage their expanding attack surfaces.
For more information, visit http://www.securin.io and follow us on LinkedIn and Twitter.
Media Contact
Jocelyn Disque, Touchdown PR, (512) 599 4015, securin@touchdownpr.com
SOURCE Securin
Share this article