Experts from Kaspersky have raised alarms about the proliferation and increased sophistication of targeted ransomware groups. According to their latest research unveiled at Kaspersky’s ninth annual Cyber Security Weekend – META in Kuala Lumpur, there has been a staggering 30% surge in the number of targeted ransomware groups globally from 2022 to 2023.
Simultaneously, the number of victims of these attacks has spiked by 70% within the same timeframe, indicating a growing menace in the cyber landscape. Unlike random ransomware attacks that target victims arbitrarily, these groups specifically target governments, high-profile organizations, or selective individuals within an organization, employing sophisticated tactics to extort money.
Kaspersky researchers have closely monitored approximately 60 targeted ransomware groups in 2023, compared to about 46 groups in 2022. They have also uncovered instances of collaboration between these groups, wherein access points into corporate networks and systems are traded among them. This collaboration streamlines the process for launching sophisticated attacks, allowing cybercriminals to save time and delve straight into network reconnaissance or infection.
Despite Kaspersky’s efforts, ransomware payments globally surpassed USD 1.1 billion in 2023, marking an unprecedented high. Senior Security Researcher at Kaspersky, Maher Yamout, highlights the persistent and extortionate nature of these targeted ransomware groups, noting that they often threaten to make stolen data public if victims refuse to pay the ransom. Additionally, cybercriminals have been known to file complaints against victim organizations for alleged breaches of data protection laws.
To combat these threats, Kaspersky suggests several measures:
– Keeping all devices and systems updated to prevent exploitation of vulnerabilities.
– Establishing offline backups to ensure data recovery in emergencies.
– Installing multi-layered cybersecurity solutions to safeguard against ransomware attacks.
– Leveraging Kaspersky Threat Intelligence for real-time insights on targeted ransomware groups.
– Utilizing free tools such as Kaspersky Anti-Ransomware tool and No More Ransom initiative to block ransomware and decrypt files.
– Conducting employee education and cybersecurity training to mitigate human error, a common entry point for ransomware attacks.
As targeted ransomware attacks continue to evolve and proliferate, proactive measures are crucial to safeguarding businesses and individuals from cyber threats.
