Securin, Inc. released its comprehensive "2023 Year in Review: Ransomware" report, revealing a worrying escalation in ransomware attacks that defied earlier hopes of a decline. The report paints a detailed picture of the ransomware landscape, indicating a surge in attacks that impacted businesses, governments, and critical infrastructures.
The key findings of the report are alarming: a significant jump in ransomware-associated vulnerabilities, with numbers rising from 344 in 2022 to 382 in 2023. The most exploited of these was the Progress MOVEit Transfer Vulnerability (CVE-2023-34362), which alone compromised over 1,000 organizations and affected around 60 million individuals.
In 2023, the cyber world witnessed the emergence of ten new ransomware families, including Akira, Bloody, and INC, bringing the total to 188 active families. Securin’s experts also highlighted the adoption of ransomware tactics by three known advanced persistent threat (APT) groups—Scattered Spider, FIN8, and RomCom.
Notably, Cl0p, BlackCat, and Vice Society were identified as the most active ransomware groups of 2023, orchestrating high-profile attacks on entities like MGM Resorts and the Industrial and Commercial Bank of China.
Ram Movva, CEO and co-founder of Securin, expressed his concerns, stating, "These discoveries are alarming, but they are far from surprising. Talking to our customers over the last year, we have heard the same thing over and over again: the attacks, successful or thwarted, just keep coming." He underscored the challenges posed by the talent shortage and reduced IT budgets, emphasizing the need for organizations to tackle these issues proactively.
The report also offers a deep dive into the specific vulnerabilities exploited in the most significant attacks of 2023. It provides practical advice for organizations to defend against and prevent such attacks, including the importance of education and training, regular software updates, and effective patch management.
Movva further commented on the urgency of addressing major vulnerabilities, often overlooked despite increased vigilance. He pointed out the struggles of third-party software manufacturers and repositories like the NVD and MITRE in staying abreast of active threats. Movva highlighted Securin’s predictive platform as a crucial tool that has been helping their customers by identifying active threats before they are weaponized by ransomware gangs.
The 2023 report by Securin serves as a stark reminder of the evolving and increasingly sophisticated nature of ransomware attacks, urging organizations to adopt a more proactive and informed approach to cybersecurity in 2024.