2023: New Trends in Industry Targets
Ransomware threat actors spread their attacks widely around various types of organizations, but at times trends appear as a result of herd behavior and learned practice. If a group is able to succeed in victimizing one type of business, they will naturally gravitate towards finding other businesses that fit the profile of the one they succeeded with. And it’s not always the biggest or flashiest victims that get the attention of ransomware gangs. Many in the industry will recall a rash of attacks on school districts and other small municipal government entities from a couple years ago — gangs likely target lower-profile victims in hopes of reducing the risk of law enforcement attention.
In the past month, our threat intel team noticed some dramatic industry-specific shifts.
Telecommunications saw an 800% increase. Half of these organizations are based in the United States, the others are located in the U.K., France, Lebanon, and Cameroon.
Hospitals and Healthcare experienced a 750% increase in attacks. It should be noted that some of this increase was due to CL0P’s GoAnywhere campaign (35% of the total), however, even after removing CL0P’s victims from the analysis, there would still have been a 450% increase from February. Many of the organizations impacted were healthcare tech companies.
Government saw a 220% increase over February. This mostly includes local municipalities such as cities. These targets were attacked by no less than 10 different ransomware groups including BianLian, Lockbit, Play, and Stormous.
Share with others!
Legal Disclaimer: This report is intended for general guidance and information purposes only. This report is under no circumstances intended to be used or considered as specific insurance or information security advice. Please consult your broker with respect to the information presented herein.