Published on November 16, 2023, 4:23 pm
The number of new ransomware groups has surged in the first three quarters of 2023, leading to an increase in data breaches, according to research from cyber security specialist WithSecure. The company has been tracking the activities of 60 ransomware groups, with 29 of them identified as new gangs. The rise in data leaks can partly be attributed to these new ransomware groups.
However, evidence suggests that some of these new groups could be affiliates or former members of now-defunct collectives like the Conti Group. These groups are known for executing multipoint extortion attacks, which involve using different strategies to coerce victims into paying higher ransoms. An example of a multipoint extortion attack is the Maze attack, which was high-profile and brought attention to this type of ransomware.
The general playbook for such attacks includes exfiltrating and encrypting a victim’s data and then threatening to publish it or make it available to competitors if the ransom is not paid. The frequency of ransomware attacks has increased during the first three months of 2023 compared to the same period in 2022. There was a 50% increase in data leaks from ransomware groups during this time frame.
Although it’s important to note that 2022 was a relatively quiet year for ransomware attacks with a decrease of 23% compared to 2021, the significant increase in new groups entering the scene as ransomware operators raises concerns. This indicates that until there is a change in the revenue generation methods for hacking groups, we are likely to see continued growth in these types of attacks.
Despite the presence of new operators, a significant portion of the ransomware attacks this year were still carried out by established groups. LockBit, responsible for recent attacks on Boeing and Royal Mail, accounted for 21% of data leaks in 2023. However