In a notable shift, ransomware is evolving into a new era as cybercriminals adapt their strategies to evade security controls, focusing on critical vendors and aiming for larger targets for extortion, according to Resilience’s Midyear 2023 Claims Report.
According to the report, cybercriminals are setting their sights on larger targets, specifically organisations with sensitive data that can meet larger ransom demands. Recent instances include cyberattacks on major entities like MGM Resorts and Caesars Entertainment.
Insights from Resilience also highlighted that vendor cyber risk has taken the lead as the main point of failure in cybersecurity, surpassing phishing attacks. The report indicates that incidents involving third-party vendors constitute 28.9% of their clients’ all-time claims, ahead of phishing at 23.1%.
Threat actors were also found to have broadened their tactics beyond encrypting data and demanding ransoms for decryption keys. Resilience has observed a surge in encryption-less data exfiltration attacks, where criminals threaten to publish sensitive material unless extortion demands are met.
A pivotal event influencing the rise of encryption-less extortion was the significant hack of the MOVEit file transfer platform in May 2023. The breach impacted over 1,000 organisations and more than 60 million individuals, resulting in data theft by a well-known ransomware and extortion gang. This gang continues to coerce payments from victims.
“While Ransomware remains a top concern for our clients, with data from firms like Chainalysis showing 2023 on track to be one of the most active years on record,” Resilience CEO and co-founder Vishaal “V8” Hariprasad said. “However, ransomware risk can be mitigated to the point that victims can choose not to pay a ransom. Resilience data shows only 15% of the overall Resilience client base who experienced an extortion incident in the first half of 2023 elected to pay to resolve an incident.”
What are your thoughts on this story? Please feel free to share your comments below.