- Best early anti-Prime Day deals to shop in October 2024
- Best Prime Day deals under $100 to shop in October 2024
- One of the most reliable power banks I've tested is not made by Anker or Baseus
- EcoFlow portable power stations are over 50% off with these early Prime Day deals
- It’s Time to Sound the Alarm on SMB Cyber Threats
Half of Ransomware Groups Operating in 2023 Are New
Almost half (29) of the 60 ransomware groups tracked by WithSecure in 2023 began operations this year, the security vendor has claimed.
WithSecure’s analysis found that, although more established groups (8Base, Alphv/BlackCat, Clop, LockBit and Play) accounted for over half of data leaks in the first nine months of 2023, the new wave of ransomware variants is having an impact on the market.
It claimed groups that began operating in 2023 accounted for 25% of data leaks in the period, helping to drive a 50% year-on-year (YoY) increase in data leaks.
Many of these new players – like Royal, Akira and Blacksuit – can be traced back to Conti, whose code was leaked after an infamous data breach.
The source code for Lockbit and Babuk was also leaked, by disgruntled affiliates, and subsequently used by other ransomware gangs, WithSecure said.
Read more on ransomware: LockBit Dominates Ransomware Campaigns in 2022: Deep Instinct
“Data leaks aren’t the only thing that leads to older groups cross-pollinating younger ones. Ransomware gangs have staff just like an IT company. And like an IT company, people change jobs sometimes, and bring their unique skills and knowledge with them,” the security vendor explained in a blog post.
“Unlike legit IT companies, however, there’s nothing stopping a cyber-criminal from taking proprietary resources (such as code or tools) from one ransomware operations and using it at another. There’s no honor among thieves.”
However, this lack of innovation could be good news for network defenders as it will make incident response and cyber-resilience efforts easier.
“If ransomware’s evolution consists of Darwinian variations of the same basic things, organizations can pretty much know what to expect and prepare for the inevitable day when ransomware gangs knock on their digital door,” WithSecure concluded.
In related news, over half (54%) of UK enterprises and two-thirds (65%) of SMBs don’t think or aren’t sure if they’re a ransomware target, according to new data from OpenText.
The firm’s 2023 OpenText Cybersecurity Global Ransomware Survey revealed a worrying “optimism bias,” in spite of the fact that nearly half (46%) of enterprises and SMBs admitted they’ve already suffered a ransomware attack.