A report by Malwarebytes shows a significant increase in global ransomware attacks from July 2022 to June 2023. The United States saw the largest surge, with over 43 percent of the reported 1,900 ransomware attacks originating in the country, a 75 percent increase from the previous year. Germany, France, and the UK also experienced an uptick in attacks, but at a lower rate.
The report identifies 48 separate ransomware groups that targeted American companies, government organizations, and individuals during the mentioned period. Healthcare and educational institutions were disproportionately impacted by these attacks. It is important to note that the reported incidents represent only a portion of the actual number of attacks, as some organizations may choose to pay the ransom without reporting the incidents.
Ransomware attacks involve malware designed to deny users and organizations access to their computer files. The attackers demand a ransom, and upon payment, victims receive a decryption key to regain access to their files. The leading global offender is a ransomware gang called Clop, suspected to have ties to Russia, which has increasingly exploited zero-day software vulnerabilities to expand the scope of its attacks.
Malwarebytes suggests that the shift towards zero-day software exploits, instead of traditional phishing emails and virus-laden downloads, may explain the increase in reported incidents. France and the UK also witnessed higher numbers of attacks, with France experiencing a doubling of incidents, mainly targeting governmental institutions, and the UK reporting eight ransomware attacks per month, up from one per month in the previous year.
