Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

There were more ransomware attacks last month than any other on record

Conceptual art of a computer system being hacked.

Thanks to the Clop ransomware group and its exploit of a flaw in Fortra’s GoAnywhere MFT secure file transfer tool, March 2023 was a record-breaking month for ransomware attacks.

New figures from NCC Group claim there had been 459 ransomware attacks recorded in March 2023 - up 91% compared to February, and up 62% compared to the same month in the previous year. 

Records were broken mostly because Clop, allegedly a Russian threat actor, discovered a zero-day in GoAnywhere MFT, a secure file transfer tool from Fortra, which was in use by some major corporate names. By abusing the zero-day, now tracked as CVE-2023-0669, the hackers managed to steal data and deploy ransomware on dozens of organizations. 

Dethroning LockBit 3.0

After leaking data from its first victim, Clop said 130 organizations were compromised, which isn’t wide of the mark given NCC Group’s assessment of 129 recorded attacks. The researchers said this makes clop “the most active ransomware gang” for the first time in its operational history.

Clop even managed to dethrone the infamous LockBit 3.0, which conducted 97 attacks in the same timeframe. Other notable mentions for March 2023 include Royal ransomware, BlackCat (AKA ALPHV), Bianlian, Play, Blackbatsa, Stormous, Medusa, and Ransomhouse. 

“Industrials” - construction, engineering, transport services, commercial and professional services, and more - were the most popular targets, with 147 (32%) ransomware attacks. “Consumer Cyclicals” - construction suppliers, hotels, media, and more - were second-placed, NCC Group said. Other notable mentions include technology, healthcare, financials, and educational services.

NCC Group also mentions that ransomware operators don’t really care who they’re attacking. Every incident is opportunistic, rather than targeted, despite the fact that some industries suffered more than others. Almost half of all attacks (221) happened in North America, with Europe following in second-place with 126 incidents. Asia rounds off the top three with 59 attacks.

Via: BleepingComputer

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.