According to a recent report by cyber risk intelligence firm Black Kite, ransomware attacks have seen a major resurgence from April 2022 to March 2023. The report highlights that the number of victims in March 2023 was almost double that of April 2022. This surge in ransomware attacks is attributed to the exploitation of vulnerabilities in third-party vendors by ransomware groups. Companies are advised to monitor their extended ecosystem continuously for susceptibility indicators and risk warning signs.

The report found that new players and ransomware gangs have joined the field, with major players like Lockbit and Clop executing mass-ransomware attacks. The top targeted industries were Manufacturing, Professional, Scientific, and Technical Services, and Educational Services. The United States was the most targeted country, followed by the UK and Germany.

The report also highlights that ransomware groups tend to target companies with annual revenues of approximately $50M to $60M, with third-party vendors often being targeted for client information extortion. Common ransomware susceptibility indicators among victims included poor email configuration, recent credential leaks, public remote access ports, out-of-date systems, and IP addresses with botnet activity.

The rise of encryption-less ransomware underscores the importance of data protection, regulatory compliance, and addressing business interruption risks posed by traditional encryption-based attacks. The report serves as a reminder that ransomware attacks continue to pose a significant threat, and companies need to remain vigilant and take proactive measures to prevent such attacks.