Photo: SOPA Images via Getty Images
“Over 43 percent of reported incidents occurred within the United States.”
Global ransomware attacks are surging, as indicated by a report issued by cybersecurity firm Malwarebytes. The study reveals a significant increase in attacks from July 2022 to June 2023, with the United States being the hardest hit. Out of the 1,900 reported ransomware attacks analyzed, over 43 percent originated in the U.S, marking a 75 percent rise compared to the previous year.
Although Germany, France, and the UK also witnessed a rise in ransomware attacks, the rate was comparatively lower than in the United States. The report highlights 48 distinct ransomware groups targeting American companies, government organizations, and individuals during the mentioned period. Disturbingly, healthcare and educational institutions suffered a disproportionate impact. For instance, dental insurer Managed Care of North America (MCNA) experienced a breach in March, while the New York City Department of Education fell victim in June.
It’s important to note that the Malwarebytes study only considers reported incidents, suggesting that the actual number of attacks could be much higher than 1,900. Some organizations choose to pay the ransom and remain silent to avoid further complications.
So, what exactly is a ransomware attack? It refers to a type of malware specifically designed to restrict users and organizations from accessing their computer files. The malicious software encrypts the files, and the victim can only regain access by paying the ransom and receiving a decryption key. It’s essentially a digital extortion scheme.
Among the various ransomware gangs, the most notorious is a group called Clop, which is suspected to have ties to Russia. Over the past year, this criminal organization has evolved and exploited zero-day software vulnerabilities to expand the scale of its attacks. In June, the group capitalized on a vulnerability in enterprise file transfer software, breaching the servers of numerous companies, including the largest US pension fund.
Malwarebytes suggests that the shift towards zero-day software exploits, rather than relying on phishing emails or virus-infected downloads, may explain the surge in reported incidents.
Regarding other countries, France experienced a doubling of ransomware attacks in the past year, with governmental institutions being particularly targeted. Meanwhile, the UK faced 200 attacks from 32 separate groups, with a concerning increase in frequency. In the previous year, the country reported only one ransomware attack per month, which escalated to eight attacks per month in the most recent year.