Zscaler Report: Ransomware Attacks Up More Than 37% in 2023
05 July, 2023
Ransomware-as-a-service has contributed to a steady rise in sophisticated ransomware attacks, according to the report
According to Zscaler's 2023 ThreatLabz Ransomware Report, cyberattacks are growing in complexity, while the entry barrier for cybercrime is diminishing.
Key findings from the report are as follows:
Ransomware attacks witnessed a surge of over 37% between April 2022 and April 2023.
The average ransom payment made by enterprises amounted to $100,000, with an average ransom demand of $5.3 million.
Businesses in the manufacturing, services, and construction sectors were the most common targets of ransomware attacks.
Nearly half of all ransomware targets were located in the United States.
In 2023, a total of twenty-five new ransomware families were identified, employing double-extortion or encryption-less extortion tactics.
Ransomware-as-a-Service (RaaS) Generates More Cybercrime
The rise of Ransomware-as-a-Service (RaaS) has been a catalyst for increased cybercrime activities. RaaS allows individuals with limited technical expertise to engage in cyberattacks, fueling the proliferation of ransomware incidents.
Deepen Desai, Zscaler’s CISO and head of security research, commented on RaaS and why organizations need zero trust protection to guard against ransomware attacks moving forward:
“Ransomware-as-a-service has contributed to a steady rise in sophisticated ransomware attacks. Ransomware authors are increasingly staying under the radar by launching encryption-less attacks which involve large volumes of data exfiltration. Organizations must move away from using legacy point products and instead migrate to a fully integrated zero trust platform that minimizes their attack surface, prevents compromise, reduces the blast radius in the event of a successful attack and prevents data exfiltration.”
Tips to Help Protect Against Ransomware Attacks
Zscaler has provided several suggestions to help organizations safeguard themselves against ransomware attacks, in addition to utilizing zero trust security solutions. These recommendations are as follows:
Establish consistent security policies: Implement measures such as SSL inspection capabilities, browser isolation, inline sandboxing, and policy-driven access controls to prevent threats from reaching end-users.
Combat internal and external threats: Employ a combination of inline application inspection, identity threat detection and response (ITDR), and deception capabilities to detect, deceive, and halt both internal and external threats.
Minimize lateral movement: Disconnect applications from the internet and adopt a zero trust network access (ZTNA) architecture to reduce an organization's attack surface and restrict unauthorized movement within the network.
Prevent data theft: Deploy inline data loss prevention (DLP) measures that include comprehensive TLS inspection. Inspect data while in transit and at rest to safeguard against data theft. Additionally, regularly install security software updates and provide security training to employees.
By implementing these recommendations, organizations can lower their vulnerability to ransomware attacks and mitigate the impact should an attack occur, as suggested by Zscaler.
