Islamabad: Targeted ransomware gangs have grown in number and are well-known for attacking governments, specific high-profile enterprises, or a subset of employees inside an institution. According to extensive research conducted by Kaspersky experts, the number of targeted ransomware groups worldwide will increase by 30% between 2022 and 2023. In addition to this growth, the number of victims of targeted ransomware attacks soared by 70% within the same time period.
Targeted ransomware groups, like conventional businesses, employ hackers to manage large and clever operations in order to launch increasingly sophisticated targeted ransomware assaults.
In 2023, Kaspersky researchers closely watched roughly 60 targeted ransomware groups, up from about 46 in 2022, and uncovered occurrences indicating collaboration between targeted ransomware groups. In some situations, groups renowned for trading access points into corporate networks and systems sold the initial points of entry to advanced ransomware groups capable of carrying out more sophisticated attacks. Because cybercriminals must go through numerous phases before launching a targeted ransomware assault, such agreements allow them to save time and proceed directly to network reconnaissance or infection.
In 2023, Kaspersky’s free decryption tools were downloaded more than 360,000 times, assisting over 2 million ransomware victims in recovering their data. Despite these important advances, global ransomware payments topped USD 1.1 billion in 2023, a record high.
“Targeted ransomware groups are extremely tenacious and have a strong desire for extortion. For example, if a victim refuses to pay the ransom, cybercriminals frequently threaten to make the stolen material public. In other situations, these fraudsters also filed GDPR or SEC complaints in some locations against the victim firms for violating data protection rules,” says Maher Yamout, Senior Security Researcher at Kaspersky.
To safeguard your organization against targeted ransomware attacks, Keep all devices and systems up to date to prevent attackers from exploiting vulnerabilities. Create offline backups that intruders cannot exploit, and make sure you can retrieve them quickly in an emergency. Kaspersky recommends installing a cybersecurity solution based on a multi-layered security technique that protects systems against ransomware during the virus delivery and execution stages. Kaspersky Threat Intelligence is also an important tool to have, since it may provide detailed data and real-time insights into the history, motivations, and operations of targeted ransomware gangs. Kaspersky has also created free tools for the public, such as the Kaspersky Anti-Ransomware tool and No More Ransom, which assist stop ransomware and decrypt files.
Employee education and cybersecurity training are essential since human error is a significant cause of cybersecurity breaches and can act as the first point of entry for ransomware assaults.
