Ransomware attacks continue at a record-breaking pace with Q3 2023 global ransomware attack frequency up 11% over Q2 and 95% year-over-year, according to figures from cyber underwriter Corvus Insurance.
In its report for the previous quarter, Corvus noted a significant resurgence in global ransomware attacks, which has continued through the third quarter. Now, with two months remaining in the year, the number of ransomware victims in 2023 has already surpassed what was observed for 2021 and 2022. Corvus says that if the trajectory continues, 2023 will be the first year with more than 4,000 ransomware victims posted on leak sites (2,670 in 2022).
Corvus says the CL0P ransomware group has played a major role in this spike in 2023 ransomware activity. CL0P sprung to life in Q1 by exploiting GoAnywhere file transfer software, which impacted more than 130 victims. In Q2, CL0P struck again with the solo use of a mass zero-day exploit by a ransomware group targeting a vulnerability in the MOVEit file transfer software, which impacted 264 victims at the time of this report. The single MOVEit vulnerability accounted for 9% of victims listed in Q2 and 13% of victims listed in Q3. Even without these CL0P spikes in attack activity, ransomware numbers would still be up 5% over Q2 and 70% YoY in Q3.
Jason Rebholz, CISO at Corvus Insurance, said: “It’s clear that ransomware attacks are on a record-setting pace for 2023, and based on activity at the end of Q3 and early Q4, we fully expect these numbers to surpass anything we have witnessed in previous years. Aside from these overall numbers, this report demonstrates the impact that a single ransomware group like CL0P can have when they invest in new tactics, which is what we saw with the mass zero-day exploit that wreaked havoc over the second and third quarters.”
The Q3 report also examined which industries experienced the largest spikes in ransomware activity. These include law practices which saw an uptick due in part to the ALPHV ransomware group, which accounted for nearly a quarter of all victims in this industry (+70%). Other industries experiencing spikes included manufacturing (up 60%), oil and gas (142%), and transportation, logistics and storage (50%).
Rebholz added: “Ransomware actors can quickly pivot their focus, and no industry is immune. There's no better time to ensure the right security controls are in place to mitigate the threat.”
Printed Copy:
Would you also like to receive CIR Magazine in print?
Data Use:
We will also send you our free daily email newsletters and other relevant communications, which you can opt out of at any time. Thank you.
YOU MIGHT ALSO LIKE