Ransomware continues to pose a significant threat to global information security, including the META region. According to recent data, ransomware attacks in Nigeria increased by 7% during the first half of 2023 when compared to the same period in 2022.
Last year, the average cost of a ransomware attack was reported to be US$4.54 million, as stated in IBM’s data breach report. Kaspersky’s solutions also detected over 74.2 million attempted ransomware attacks in 2022, marking a 20% increase from the previous year. While the beginning of 2023 witnessed a decline in ransomware attacks, some regions experienced an upward trend, surpassing the numbers seen in the second quarter of 2022.
In the first half of 2023, Nigeria encountered a 7% surge in ransomware attack attempts targeted at both individuals and corporate users compared to the same period in 2022. On the other hand, Kenya saw a 3% decrease in the first half of 2023 compared to 2022. However, when comparing the second quarter of 2023 to the same quarter in 2022, Kenya experienced a 2% increase in ransomware attacks. Fortunately, all these attempts were effectively blocked by Kaspersky solutions.
The threat of ransomware cannot be underestimated, given the increasing sophistication and targeted nature of such attacks. Ransomware attackers are known to target various types of organizations, ranging from healthcare and educational institutions to service providers and industrial enterprises.
At the beginning of 2023, LockBit maintained its position as one of the most prolific ransomware groups globally. However, there were notable changes in the top five most influential and prolific ransomware groups, with REvil and Conti being replaced by Vice Society and BlackCat. The other ransomware groups in the top five at the beginning of 2023 were Clop and Royal.
Dmitry Galov, Head of Kaspersky Global Research and Analysis Team (GReAT), highlighted the motivations behind ransomware attacks, which include the likelihood of getting caught, the potential ransom size, and the technical complexity of the attack. Organizations are strongly advised to invest in robust security solutions to deter ransomware groups from targeting them, as the consequences of such attacks can be catastrophic, leading to information loss, business disruption, reputation damage, and substantial financial losses.
Kaspersky’s security products, including Kaspersky Endpoint Security for Business, Kaspersky Small Office Security, and Kaspersky Internet Security, have demonstrated 100% effectiveness against ransomware attacks in Advanced Threat Protection Test assessments by AV-TEST. These solutions successfully protected user files during ten different full-chain attacks.
To counter ransomware and support victims, various entities, including the National High Tech Crime Unit of the Dutch National Police, Europol’s European Cybercrime Centre, and Kaspersky, jointly launched the No More Ransom initiative in 2016. The initiative offers decryption tools, guidelines, and reporting mechanisms for cybercrimes, helping victims of 173 ransomware families retrieve their data without paying ransoms. Moreover, the initiative aims to raise awareness about ransomware and preventive measures to avoid infections.
Kaspersky provides several guidelines to protect against ransomware attacks, including avoiding exposure of remote desktop/management services to public networks, promptly installing patches for VPN solutions, keeping software updated to prevent exploitation of vulnerabilities, focusing on detecting lateral movements and data exfiltration, regularly backing up data with offline strategies, refraining from downloading pirated or unknown software, and assessing supply chain and managed services’ access to the environment.
Additionally, Kaspersky recommends employee education, using endpoint security solutions such as Kaspersky Endpoint Detection and Response Expert and Kaspersky Managed Detection and Response, and staying informed about threat intelligence through the Kaspersky Threat Intelligence Portal. These measures collectively contribute to bolstering the defense against ransomware attacks and ensuring greater security for individuals and businesses alike.
