Dal report “Ransomware and Extortion 2023” it has emerged that in recent years the threats related to ransomware have increased, but i cybercriminali have further refined their activities, directly threatening victims with online extortion techniques to force them to pay.
What Ransomware and Extortion 2023 says
A direct warning also emerges from the report organizations, who need to evolve their defenses to cope with various data extortion methods. The plans of incident response they must not only include mere technical considerations, but focus above all on safeguarding the company’s reputation.
Additionally, the “Ransomware and Extortion 2023” report by Palo Alto Networks Unit 42analyzes recent incident response cases and analyst ratings from threat intelligence on the threat landscape.
In about 70% of ransomware cases Unit 42 observed at the end of last year, threat actors are specializing in data theft, which is up 30% from mid-2021. Cybercriminals are adopting new techniques, threatening directly to disseminate the stolen data on data leak sites on the dark web.
Targets to target in an enterprise include specific individuals often belonging to the C-suite, with threats and unwanted communications. At the end of 2022, harassment was a factor in about 20% of ransomware attacks.
Ransom demands
In regards to ransom demands, the average request was $650,000, while the average payout was $350,000.
Furthermore, the manufacturing sector was the most targeted in 2022, with 447 organizations compromised and exposed publicly on darkweb sites. Unit 42 believes that outdated software, not updated or patched regularly or easily, and poor tolerance for downtime are to blame.
Attacks on the world’s largest organizations, however, account for a small percentage of these incidents. Indeed in 2022, 30 companies on the Forbes Global 2000 list have been publicly targeted by extortion attempts by groups such as LockBit, Conti, BlackCat, Hive and Black Basta. Since 2019, confidential files of at least 96 of these organizations have ended up being publicly exposed under threat of extortion.
At a country level, the United States is the most affected in 2022, with 1118 organizations publicly compromised. They are followed by the United Kingdom (130) and Germany (129), while the Italian companies were 96.
The full report is available here.