Zscaler 2023 Ransomware Report Shows a Nearly 40% Increase in Global Ransomware Attacks
Zscaler, Inc., a San Jose-based cloud security vendor, has released its 2023 “ThreatLabz” Ransomware Report tracking the ongoing increase in complex ransomware attacks and spotlights recent ransomware trends, including the targeting of public entities and organizations with cyber insurance, growth of ransomware-as-a-service (RaaS), and encryption-less extortion. Since April 2022, ThreatLabz has identified thefts of several terabytes of data as part of several successful ransomware attacks, which were then used to extort ransoms.
The evolution of ransomware is characterized by the inverse relationship between attack sophistication and barrier of entry for new cybercriminal groups. The barrier of entry has decreased, while cyberattacks have grown in sophistication, due to the prevalence of RaaS, a model where threat actors sell their services on the dark web for 70-80% of ransomware profits, according to the report. This business model has continued to increase in popularity over the last few years as evidenced by the frequency of ransomware attacks, which increased by nearly 40% over the last year. One of the most noteworthy trends that aligned with this growth in 2023 has been the growth of encryption-less extortion, a style of cyberattack that prioritizes data exfiltration over disruptive encryption methods.
“Ransomware-as-a-Service has contributed to a steady rise in sophisticated ransomware attacks,” said Deepen Desai, Global CISO and Head of Security Research at Zscaler. “Ransomware authors are increasingly staying under the radar by launching encryption-less attacks which involve large volumes of data exfiltration.”
The United States was the most targeted country by double-extortion ransomware attacks, with 40% of all victims calling this region home. The following three countries combined, Canada, United Kingdom, and Germany, had less than half of the attacks that targeted U.S. entities. The most prevalent ransomware families that Zscaler ThreatLabz has been tracking include BlackBasta, BlackCat, Clop, Karakurt, and LockBit, all of which pose a significant threat of financial losses, data breaches, and operational disruption to individuals and organizations of all sizes.
The manufacturing sector remains the most targeted industry vertical, accounting for nearly 15% of total ransomware attacks. It is followed by the services sector, which experienced approximately 12% of the total quantity of ransomware attacks last year. Organizations in the arts, entertainment, and recreation industry experienced the largest surge in ransomware attacks, with a growth rate over 430%.
The ThreatLabz team evaluated data from the Zscaler security cloud, which monitors over 500 trillion daily signals and blocks 8 billion threats a day with over 250K security updates made daily. ThreatLabz analyzed a year’s worth of global phishing data from the Zscaler cloud from April 2022 to April 2023 to identify key trends, industries and geographies at risk, and emerging tactics. This year, the ThreatLabz team also supplemented its own analysis of ransomware samples and attack data with external intelligence sources.
The annual ThreatLabz Ransomware Report helps partners to track trends and impacts of ransomware attacks, including encryption-less extortion and the growth of Ransomware-as-a-Service.
BT and HPE Partner for New Global Managed LAN Service
BT has announced a partnership with HPE to offer customers a new managed service powered by HPE Aruba Networking, combining BT’s global reach and experience in the design, deployment and management of in-building wired and wireless connectivity with the latest HPE Aruba Networking LAN solutions.
As a first step, BT audits the LAN to identify what is already in place and what could be re-used and anything that should be replaced, leveraging HPE Aruba Networking technology.
BT then evaluates how to secure and protect connected devices, simplifying visibility through a single, cloud-based dashboard that centralizes reporting, analytics, security, scalability, and resilience in one platform. It can also identify redundant devices using unnecessary power and automate network and energy optimization.
“It’s clear that legacy in-building networks can’t handle modern hybrid working and IoT devices, never mind what comes next,” said Andrew Small, director of voice and digital work, Business at BT Group. “That’s why we’re expanding customer choice of managed LAN solutions by partnering with HPE Aruba Networking. This will offer the visibility, flexibility and security customers need to deliver productive, trusted wired and wireless connectivity.”
“Global customers that are building their connectivity strategies are focusing on modern enterprise networks that are secure, agile, responsive to business needs and simple to operate, while being powerful drivers of transformation,” said Phil Mottram, executive vice president and general manager of HPE Aruba Networking.
Administrators of many legacy LANs struggle to support hybrid workers’ expectations when accessing apps in offices, branches, warehouses, factories, or campuses. BT’s new HPE Aruba Networking Managed LAN service is expected to enable customers to securely modernize connectivity to support changing workstyles and keep apace of IoT demands, delivering improved performance, flexibility, and control of local area networks (LANs).
Critical Insight Introduces PartnerFirst Program
Critical Insight, a Seattle-based Cybersecurity-as-a-Service provider, has rolled out its new PartnerFirst Program. Features include an updated pricing structure for MSPs, additional sales support, co-marketing initiatives, and an improved portal for registration, news, events, training, and co-branded documentation.
Agents, distributors, MSPs, MSSPs, system integrators, and VARs are included in the program based on differing contract vehicles for resellers versus referral agreements across all industries, particularly healthcare, education, manufacturing, utilities, and the public sector.
“We wanted to ensure that service providers got additive value when introducing the Critical Insight PartnerFirst Program,” said Lynn Shourds, Vice President of Channel Alliances at Critical Insight. “The PartnerFirst program provides new revenue opportunities for partners and enables them to put CaaS in the hands of every customer.”
Critical Insight prepares, monitors, and responds to cyber threats, and provides partner support for the proactive handling of threats as they occur.
The cybersecurity landscape continually evolves, demanding that organizations equip themselves with partners that invest in people, technology, and domain expertise to remain at the forefront of threat detection and management. Critical Insight’s Cybersecurity-as-a-Service (CaaS) is intended to give partners the opportunity to provide affordable, comprehensive cybersecurity services.