- 퀄컴, 베트남 빈AI의 생성형 AI 부문 ‘모비안AI’ 인수··· AI 솔루션 고도화 박차
- 블로그 | 정치적 격동기에 IT 리더가 할 수 있는 역할
- 완전 자율 주행 자동차가 관광 산업에도 영향··· 웨이모, ‘2025 관광 영향 보고서’ 발간
- European cloud group invests to create what it dubs “Trump-proof cloud services”
- The OnePlus 12 is still a powerhouse in 2025 - and it's on sale for a limited time
Continued MOVEit Exploitation Drives Record Ransomware Attacks
Ransomware attacks hit record levels in July 2023, driven by the Clop gang’s continued exploitation of the MOVEit vulnerability, according to NCC Group’s Threat Intelligence team.
The researchers observed the largest volume of ransomware attacks in a single month in July, at 502. This represents a 154% year-on-year rise compared to July 2022, and a 16% increase on the previous month, June 2023.
The report found that the notorious Clop group was responsible for 171 of the 502 ransomware attacks in July (34%), as it continues to target global organizations via the MOVEit file transfer flaw.
A number of household names have been affected by the zero-day vulnerability, including the BBC, BA, Boots and the government of Nova Scotia, leading to millions of end users’ data being compromised.
The second most active threat actor in July was Lockbit 3.0, responsible for 50 (10%) of attacks.
Additionally, the researchers observed activity from new threat actors following the reinvention and rebranding of existing groups. This includes Noescape, believed to be a rebrand of Avaddon, which accounted for 16 attacks in July.
Most Impacted Verticals
The report found that industrial organizations were most heavily targeted by ransomware in July, compromising 155 (31%) of attacks. This was followed by consumer cyclicals (16%) and technology (14%).
Over half (55%) of attacks targeted the North America region, which was a small increase from June 2023 (51%). Europe was the next most targeted by ransomware, experiencing 43 attacks (8.5%), followed by Asia (7%).
Matt Hull, Global Head of Threat Intelligence at NCC Group, commented: “Record levels of ransomware attacks in July, topping the previous spike in June, demonstrate the continued evolving and pervasive nature of the threat landscape globally. We are still seeing many organizations are still contending with the impact of Clop’s MOVEit attack, which goes to show just how far-reaching and long-lasting ransomware attacks can be – no organization or individual is safe.”
Earlier in August, Comparitech provided insights on the enormous global costs of ransomware attacks on the manufacturing sector in the first half of 2023.
