This report highlights the increasing use of multi-layered extortion tactics by threat actors, with data theft, harassment, and DDoS attacks on the rise in ransomware incidents. It emphasizes evolving threats, targeted industries, and regional impacts, urging organizations to enhance visibility and incident response plans. #LockBit #Conti
Keypoints
- The structure of annual cybersecurity reports typically includes an executive summary, detailed threat analysis, tactical insights, and recommendations for defenses and response strategies.
- Key statistics reveal a sharp increase in data theft during ransomware incidents, rising from 40% to 70% of cases between mid-2021 and late 2022, with threat actors increasingly leveraging dark web leak sites.
- Notable trends include the rise of multi-extortion tactics such as data theft, harassment, and DDoS, alongside a growing focus on targeting industries like manufacturing and legal services.
- Extortion groups such as LockBit and Vice Society are responsible for hundreds of breaches, with LockBit posting information about 801 organizations in 2022, a 95% increase from 2021.
- Advanced state-sponsored threat groups from countries like Iran and China are using ransomware and extortion to fund other malicious operations or conduct espionage, not solely for financial gain.
- Regions most affected include North America, with the U.S. accounting for 42% of leaks, followed by Europe and Asia Pacific.
- Consistent themes across reports stress the importance of proactive attack surface management, threat intelligence, comprehensive incident response plans, and layered defense mechanisms to counter evolving threats.
Source: Awesome Annual Security Reports - The reports in this collection are limited to content which does not require a paid subscription, membership, or service contract. (https://github.com/jacobdjwilson/awesome-annual-security-reports/)