Black Kite vs. The Competition See the Difference →

Black Kite Research: Ransomware Attacks Resurge with Victims Doubling in 2023

Annual “Ransomware Threat Landscape 2023™: Ransomware Resurgence” Report Analyzes 2,708 Victims and Uncovers Alarming Spike in Attack Frequency

BOSTON – April 25, 2023

Black Kite, the leader in third-party cyber risk intelligence, today released its highly anticipated report, “Ransomware Threat Landscape 2023: Ransomware Resurgence”. The report provides a comprehensive analysis of 2,708 ransomware victims with detailed insights into attacks from April 2022 to March 2023. The findings reveal a major ransomware resurgence this year, with the number of victims in March nearly double that of last April and 1.6 times higher than the peak month in 2022.

“While there were some signs of ransomware decreasing last year due to increased pressure from law enforcement and several ransomware groups shutting down, the last few months serve as a stark reminder that we are far from being in the clear,” said Bob Maley, CSO at Black Kite. “As more ransomware groups exploit vulnerabilities in third-party vendors, businesses will be blindsided unless they continuously monitor their extended ecosystem for susceptibility indicators and the earliest warning signs of risk.”

The “Ransomware Threat Landscape 2023: Ransomware Resurgence” Report’s key findings include:

  • Ransomware attacks resurged in early 2023, with new players such as Royal, BianLian, and Play ransomware gangs joining the field and major players like Lockbit and Clop executing mass-ransomware attacks.
  • The top targeted industries were Manufacturing (19.5%), Professional, Scientific, and Technical Services (15.3%), and Educational Services (6.1%).
  • The United States was the top targeted country, accounting for 43% of victim organizations, followed by the UK (5.7%) and Germany (4.4%).
  • Ransomware groups tend to target companies with annual revenues of approximately $50M to $60M, with third-party vendors often being targeted for client information extortion.
  • The top ransomware groups during the analysis period included Lockbit (29%), AlphaVM (BlackCat) (8.6%), and Black Basta (7.2%).
  • More than 70% of ransomware victims had a Ransomware Susceptibility Index®  (RSI) value above the critical threshold (0.4), indicating their susceptibility to ransomware attacks. An RSI score generated by Black Kite indicates an organization’s susceptibility to ransomware attacks. 
  • Common ransomware susceptibility indicators among victims included poor email configuration, recent credential leaks, public remote access ports, out-of-date systems, and IP addresses with botnet activity.
  • Encryption-less ransomware is on the rise, underscoring the importance of data protection and regulatory compliance in addition to addressing business interruption risks posed by traditional encryption-based attacks.

“Ransomware groups have increasingly taken on characteristics of an innovative and mature tech company – but as Black Kite Research shows, it is possible to understand their likely next move,” said Ferhat Dikbiyik, head of research at Black Kite. “Our data pinpoints key vulnerabilities, top targets, and more, so organizations can become as agile as the adversary with defensible intelligence. Thinking like a hacker is the first step toward activating effective prevention, response, and recovery for the level of vigilance needed to overcome these sophisticated criminals.”

Black Kite provides third-party risk intelligence from a technical, financial and compliance perspective to eliminate false positives and ensure a holistic approach to vendor risk management. In addition to the “Ransomware Threat Landscape 2023: Ransomware Resurgence” Report, Black Kite offers in-depth industry analysis reports, third-party breach research, and more.

To learn more about Black Kite, visit: blackkite.com. To view the full report visit here.
For access to the graphs from the report visit here.

About Black Kite

Black Kite is the only Cyber Security Ratings Service (SRS) to deliver the highest quality intelligence that helps leaders make better risk decisions for their organizations. Built from the hacker’s perspective, our standards-based third-party cyber risk monitoring platform is purpose-built to provide shareable and quantifiable analysis that prioritizes vendor risk, automates compliance framework mapping and transforms defensible risk decision-making.

With more than 1000 customers across the globe and counting, we’re committed to improving the health and safety of the entire planet’s cyber ecosystem with the industry’s most accurate and comprehensive cyber intelligence. Black Kite provides the only standards-based cyber risk assessments that fully analyze supply chain’s cybersecurity posture from three critical dimensions: technical, financial and compliance.

Contact

Lane Kearney, Corporate Ink
for Black Kite
Email: [email protected]