InfoSecBulletin Cybersecurity for mankind
In 2023, over 6,500 ransomware attacks were reported, affecting a record 117 countries worldwide after a decline in 2022.
Ransomware incidents rose 73% year-over-year to 6,670, with significant increases in June and July linked to a widely used file transfer tool.
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Palo Alto Networks Confirms critical RCE zero-day actively exploited
CISA, FBI Warns
Hacker compromised multiple teleco network at US
The Ransomware Task Force, established in 2021 by the nonprofit Institute for Security and Technology, is a public/private group of cybersecurity experts and government officials compiled the numbers.
In its 2023 annual report, the organization relied on data from eCrime.ch, which gathers messages from data leak sites.
The task force found that 117 countries were impacted by ransomware incidents from 66 different groups. In 2022, there were 105 countries and 58 gangs involved.
Global Ransomware Incidents: Year-Over-Year Change:
In 2023, ransomware activity increased in South Asia and South America, particularly in Iran, Pakistan, Brazil, and India. Brazil’s presidential office and India’s hospitals and financial systems were notably targeted.
LockBit and AlphV, two ransomware-as-a-service groups shut down by law enforcement this year, were the most active in various regions. They mainly targeted the construction, healthcare, and IT sectors.
Timeline of Incidents by Ransomware Group:
Some experts think that ransomware gangs may exaggerate claims about victims on leak sites. However, eCrime.ch’s statistics align with reports from the FBI and Chainalysis, which indicate that 2023 saw a record number of ransomware complaints and profits from these attacks.
The Ransomware Task Force expressed concern over the growing scale, frequency, and complexity of ransomware incidents as cybercriminals improve the RaaS model.
“The fundamental criminal effectiveness of the RaaS model has not changed, and these crimes continue to grow more profitable over time. Additional efforts must be taken in 2024 and beyond to disrupt this model,” the group said.
Global Ransomware Incidents by Country:
The report indicates that half of the 2021 ransomware task force recommendations are still unmet. Although progress has been made in incident reporting and global cooperation, efforts to stop ransom payments have been limited. Law enforcement urges victims not to pay ransoms if they can avoid it.
Global Ransomware Incidents by Month, 2023:
In April, the Ransomware Task Force stated that although some recommendations need new laws, many efforts to prepare organizations for attacks and support victims are still lacking.
“Governments have not taken all necessary further actions to combat ransomware,” the report said.
