Content, Breach, Content, Malware, Phishing, Ransomware

Ransomware Hit New Attack Highs in May 2023, BlackFog Report Says

Share

May 2023 was a record-breaking month for ransomware attacks, BlackFog said in its newly released report.

154% Ransomware Spike

The cybersecurity provider recorded 66 publicly disclosed ransomware attacks, the highest since January 2020 when it first began to chronicle cyber hijacking events. Of the most active crews, Royal, LockBit and BlackCat stood out with education as the most highly targeted segment for the month, BlackFog said.

BlackFog called May a “watershed moment for ransomware” worldwide in that the attack success rate spiked by 154% over the same month last year. Law firms were part of an increasing emphasis by attackers on data exfiltration as “cyber criminals look for new ways to extort organizations and their clients,” according to BlackFog.

Commenting on the findings, Dr. Darren Williams, BlackFog CEO and founder, said:

"The value of the data continues to climb as cybercriminals look for new ways to extort organizations and their clients. This explains the 233% increase in the services industry this month."

Many Cyberattacks Going Unreported

Here are some additional data from the study:

  • Specific targeting of healthcare, technology, education and government with increases of 81%, 57%, 42% and 33% respectively during May.
  • Unreported attacks are now five times (489%) more than reported attacks.
  • While down from a high of 10 times last month, this owes to the large volume of reported attacks rather than any material change in unreported attacks, which remained relatively constant at 323.
  • In terms of variants, this month saw LockBit and BlackCat continue to dominate with 18.4% and 17.6%, respectively, figures in line with the prior month.
  • It is also consistent with unreported attacks, also dominated by LockBit and BlackCat, with 39.7% and 13.8%, respectively.
  • Illegal networks now dominate exfiltration techniques with 97% of all attacks.
  • A large majority originating and exfiltrating data to China at 42% of the time, with Russia at 10%. The lower exfiltration to Russia can be attributed due to the effect of sanctions.
  • The average ransom payout in the U.S. for May was roughly $328,000, down 20% from Q4, 2022.

Ransomware Hit New Attack Highs in May 2023, BlackFog Report Says

"The value of the data continues to climb as cybercriminals look for new ways to extort organizations and their clients."

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.