What can you find in the Q2 2023 Ransomware report?

Ransomware has rapidly become well-known in cybersecurity as one of the most potent cyber threats faced by individuals, organizations, and even governments. Ransomware variants have shown an alarming proclivity to adapt to bypass traditional security solutions, enhance their capabilities to target specific victims, and even leverage a wide gamut of cyber threats, such as phishing, to deliver their payload.  

The costs of ransomware are threefold: first, there is the financial cost associated with actual ransom payments, then there is the loss of productivity resulting from encrypted critical data that is required for day to day functioning of an organization, and last but not least, there is the reputational damage that being a ransomware victim comes with.  

Over the past quarter, we have seen ransomware variants enhance their capabilities and sophistication, target a wider victim base, and even employ more advanced techniques to guarantee the encryption of critical data.    

Our Q2 – 2023 ransomware report encapsulates the following major findings from Q2-2023:

• Ransomware groups publicly disclosed several victims, with United States (US) corporations continuing to be the most affected. 
• Italy and Germany witnessed a steep increase in ransomware attacks. 
• Most high-income organizations were targeted in the Professional Service, IT & ITES, and Construction sectors. 
• As we predicted last quarter, IT & ITES and BFSI were amongst this quarter's 5 most impacted sectors. 
• We observed several new ransomware groups emerging in Q2-2023, a significant spike in the formulation of new ransomware groups compared to Q1-2023.
• LOCKBIT remains a potent threat in the ransomware threat landscape, targeting several entities in Q2-2023
• The GoAnywhere and MOVEit vulnerabilities saw massive exploitation in Q2-2023.