With 2023 concluded, the following provides an analysis of the ransomware threat landscape with year-on- year comparisons and trend predictions for 2024, to support organisations in implementing security measures for the year ahead. In this section of the report, we will discuss the trends that have emerged throughout the year and their implications, how these differ from what we have found in previous annual reports, and what we expect going forward based on existing data.
Figure 7: Global Ransomware Attacks by Month
First and foremost, an interesting observation to note is that from 2021-2022 there was in fact a miniscule 5% decrease in ransomware cases year-on-year, from 2667 to 2531 incidents, which contrasts heavily with our findings for 2022-2023 where there was a huge 84% increase from 2531 to 4667. As is easily interpretable from Figure 7, and as we have referred to throughout the year, 2023’s monthly totals consistently surpassed those of 2022, when there was a far more sporadic distribution between 2021 and 2022. To highlight how significant 2023’s comparative increases were, the mean number of attacks for 2021 was 222, for 2022 it was 211, and for 2023 was a huge 389.
There is a whole host of potential explanations for this huge contrast between 2021/2022 and 2023. From a general heightened understanding of the profit that double extortion ransomware can amass for threat actors, to an increased accessibility of ransomware distributions for affiliates to utilise with the growing number of Ransomware-as-a-Service (RaaS) offerings. While these are all valid and likely contribute in some way, NCC Group strongly consider the frequent uptick of new players in 2023’s ransomware threat landscape to be pushing this figure up further, with an additional 3 arriving in December alone (Hunters, DragonForce and WereWolves).
29
Made with FlippingBook - PDF hosting