KnowBe4 Security Awareness Training Blog

The face of 2023's cyber-threat landscape was an alarming surge in ransomware and phishing attacks

Written by Stu Sjouwerman | Jun 29, 2023 10:46:30 AM

When KnowBe4 went public in April 2021, I got to know a select group of analysts who served as co-managers on our IPO. These professionals all know our industry very well, and we spoke with them quarterly during our earnings conference call, where we discussed the past 3 months and expectations for the future. One of these firms was Baird Equity Research, and I am still on their mailing list, even though we went private this year as a Vista Equity Partners portfolio company.

This morning I received Baird's surprising year-to-date flash note, "Security and Infrastructure Software Mid-Year Threat Landscape Check-In: Cyber-Pulse, Recent Trends, Findings," based on ThreatLabZ findings that were just published. The picture is not pretty. Here is the executive summary, with grateful acknowledgement to Shrenik Kothari, Sr. Research Analyst at Baird. I am quoting him here:

"In this flash note, we highlight some interesting statistics and trends in the cyber-threat landscapes based on ThreatLabZ findings published today. The cyber-threat landscape in 2023 is defined by an alarming surge in ransomware and phishing attacks. These cybersecurity threats have grown in their sophistication and frequency, impacting businesses across sectors.

Ransomware attacks surged 37% YoY through April, impacting the US most (50% of attacks). Phishing attacks globally rose 50% YoY, aided by AI technologies like ChatGPT. The rise of Ransomware-as-a-Service (RaaS) on the dark web facilitated the ransomware growth. Manufacturing was the most targeted industry (15% of attacks). The US also led in double-extortion ransomware. Microsoft and the US were the most impersonated brand and targeted country, respectively, while the education sector experienced a 576% surge in phishing attempts.

  • Ransomware key trends and statistics: Ransomware attacks rose by around 37% YoY through April. The impact of these attacks is especially felt in the U.S., which was the target of nearly half of all ransomware campaigns in the past year. This section provides an overview of the various trends, industry-specific impacts, and key actors/methods involved in the ransomware threat landscape.
    • Ransomware-as-a-Service: The growth of ransomware attacks is linked to the rise of RaaS, with threat actors selling their services on the dark web for 70-80% of ransomware profits, which has lowered barriers to entry for new cybercriminal groups. One noteworthy trend in 2023 is the growth of encryption-less extortion, a style of cyberattack that prioritizes data exfiltration over disruptive encryption methods.
    • Industry-specific impact: The manufacturing sector remains the most targeted by ransomware, accounting for nearly 15% of total attacks. It is closely followed by the services sector, with around 12% of total attacks. The arts, entertainment, and recreation industry experienced the largest surge in ransomware attacks, with growth over 430%.
    • Targeted countries: The US is most targeted by double-extortion ransomware attacks (40% of all), followed by Canada, the UK, and Germany.
  • Phishing key trends/statistics: Phishing attacks globally rose nearly 50% year-over-year. In this section, we present an analysis of phishing attacks, their patterns, targeted sectors, and the most targeted countries.
    • Emergence of AI and evolving phishing threats: AI tools like ChatGPT and phishing kits are revolutionizing phishing attacks, lowering technical barriers for criminals to generate malicious code and contributing to the growth of phishing. Vishing, or voicemail-themed phishing campaigns, has evolved from SMS or SMiShing attacks. Recruitment scams on LinkedIn and other job recruiting sites are also on the rise.
    • Most targeted brands and countries by phishing attacks: Cybercriminals often impersonate popular consumer and technology brands. Microsoft was the most imitated brand, followed by cryptocurrency exchange Binance, Netflix, Facebook, and Adobe. The top five most targeted countries were the United States, the United Kingdom, the Netherlands, Canada, and Russia.
    • Industry-specific impact of phishing attacks: The education sector experienced the most significant surge in phishing attempts in 2022, with an increase of 576%. Finance, insurance, government, and healthcare industries also saw a surge in phishing attempts."

This exec summary is enough to realize that constant alertness is required to keep your org safe, that boards need to give a very high priority to the cybersecurity budget, and that you need a strong security culture with a human firewall that's on its toes, with security top of mind.