In a startling revelation, November Threat Pulse, published by NCC Group, a global cybersecurity and software escrow business, reported a significant spike in global ransomware attacks, marking a 30% increase with 442 attacks in November alone. This surge has propelled the total number of ransomware attacks to a staggering 4,276 cases at the moment of release in 2023, surpassing earlier predictions.
November saw the resurgence of the notorious banking malware Carbanak in ransomware attacks. Initially surfacing in 2014, Carbanak infiltrates financial systems through advanced phishing techniques, compromising bank employees. The malware resurfaced in November, demonstrating evolution in its distribution tactics by impersonating well-known business-related software, including HubSpot, Veeam, and Xero.
Matt Hull, Global Head of Threat Intelligence at NCC Group, expressed concern over the unexpected surge in ransomware levels, emphasizing the need for continued vigilance, particularly in the industrial sector. As the year concludes, businesses are urged to prioritize cybersecurity, focusing on supply chain resilience, especially in the face of evolving threats like Carbanak.
Continuing a year-long trend, the industrial sector emerged as the primary target in November, experiencing 146 attacks, constituting 33% of the total. This sector's vulnerability is attributed to its expansive data repositories, including Personally Identifiable Information (PPI) and Intellectual Property (IP). The sector's heavy reliance on digitalization for efficiency and productivity also heightens the risk of ransomware threats.
November witnessed LockBit as the most active threat actor, recording a 73% month-on-month increase in activity. LockBit has consistently maintained its dominance throughout the year, except for a few months when CLOP briefly held the top spot. BlackCat secured the second position in November, with a notable 58% increase in attacks, while Play, despite dropping to third place, marked its most active month on record.
As anticipated, Europe and North America bore the brunt of ransomware attacks in November. North America continued to be the most targeted region, with 50% of attacks, while Europe witnessed a notable increase, accounting for 31% of attacks. Asia claimed the third spot with 10% of attacks. The month also saw a rise in undisclosed targets, highlighting unrevealed regions facing ransomware threats.
In our blog, we post technology-related articles weekly. Follow us on Facebook and Instagram to get notifications about updates.