Ransomware Attacks Using Extortion Tactics Reaches Critical Mass at 96% of all Attacks

New cyber attack data from 2022 is providing insight into what to expect in 2023, including ransomware campaigns.

The philosopher George Santayana is credited with the saying “Those who forget their history are condemned to repeat it.” It’s one of the reasons why historical trending data provides us with what has worked which attacks are trending.

Cyber insurer Beazley’s Cyber Services Snapshot provides a look back at last year, along with some predictions for this year. According to the report, ransomware’s use of exfiltration and extortion since it’s mainstream adoption by ransomware gangs in late 2020, has steadily been increasing from 69% of attacks in Q3 of 2020 to a massive 96% of attacks in Q4 2022.

This makes sense – particularly with all the attention on attacks like those carried out by Hive in the last few years. Hive has served as a lesson for other ransomware gangs that disrupting operations tends to garner the attention of the authorities. So it makes sense that exfiltration and extortion continue to rise in popularity, as the attack becomes more about the victim organization worrying about the impact on their their reputation, stock price, customer base, etc.

Also reported is the initial attack vectors – similarly to the Coveware reports I’ve covered here before, we see vulnerabilities on the decline, “unknown” on the rise, and phishing steadily increasing. The odd data point in the Beazley research is the climb in RDP access to the number one spot. They do mention in the report that there were lower volumes of attacks reported, resulting in “more fluctuations in ransomware vector data than usual.”

Even so, phishing has remained steadily dominant, with Beazley themselves pushing for organizations to educate their employees through Security Awareness Training to help users understand that their role in cybersecurity is important, despite being somewhat burdensome.