
Public Extortion via Ransomware Spikes

New report says cybercrime involving ransomware saw more publicly shamed victims in 2023


In a year marked by heightened cyber turmoil, there was a whopping 90% spike in publicly extorted victims of ransomware attacks, says a new report. These attacks now account for as much as 10% of all malware detected, with publicly shamed victims soaring to around 5,000, double the number of such instances in 2022.

The Comprehensive Security Report, published by Check Point Research, the threat intelligence arm of Check Point Software, also notes the growing complexity of cyber threats over the past twelve months, a period that saw a dramatic rise in ransomware instances as well as the strategic use of artificial intelligence (AI) in cyber security defenses.

Better strategies, high-value targets

The report noted that attackers came up with refined strategies, leveraging zero-day vulnerabilities and enhancing Ransomware-as-a-Service (RaaS) with new extortion tactics. High-value targets are increasingly in the crosshairs, demonstrating the need for robust defense mechanisms. 

In addition, the report pointed out more instances of cybercriminals targeting edge devices, which further highlights the need for comprehensive security measures that cover all the network elements of an enterprise. The report also shared a Live Cyber Threat Map that studies the tactics cybercriminals adopt to carry out their attacks.

Zero-day vulnerabilities to the fore

The report said, “Ransomware attacks exploiting zero-day vulnerabilities while using shame sites for publicly revealing who their victims are became more popular, turning ransomware into a sort of competition among cybercriminals. The cost of these attacks went beyond just paying the ransom, with companies like MGM, DP World, and the British Library facing huge expenses to rebuild their systems.” 

It also noted a spike in hacktivism, where hackers are driven by political or social causes. This type of hacking, once a tool for individual activists, is now being used by governments as a way to attack adversaries indirectly. This was especially noticeable in the wake of events like the Russo-Ukrainian war and the Israel-Hamas conflict.

Nation-state threat actors on the rise

Maya Horowitz, VP of Research at Check Point said, “In an era of relentless innovation in cyber crime and accumulating tensions involving nation-state threat actors and hacktivists globally, organizations must adapt. Investing in stronger defenses with robust AI-powered and cloud-delivered cyber security measures, and proactively fostering collaboration, is key to effectively safeguarding against these evolving dangers.” 

The report also said that attackers found new ways to break into systems, with devices like routers and switches becoming easy targets. Big organizations, including Okta and 23andMe, were hit by attacks that used stolen login details or malicious software. However, there were some wins in the battle against cybercriminals. Law enforcement agencies made progress in taking down major threats like the Hive Ransomware network and the Qbot infrastructure.

The Check Point Research report also discussed the role of AI in cyber attacks this year. It noted that attackers started using AI tools to make their phishing campaigns more effective. However, the good news is that AI is also being used by cyber defenders to better protect against these threats.