Reported Ransomware Incidents in UK Doubled in 2023

• Content
• Smart Buildings & Technology
• Reported Ransomware Incidents in UK Doubled in 2023

23 January 2024

A Freedom of Information request has revealed that there was a resurgence in ransomware-related incidents following a quieter 2022.  

In the first six months of 2023, twice as many ransomware incidents were reported compared to the same period in 2022. Ransomware deliberately encrypts IT systems, locking users out and demanding money. 

According to the Freedom of Information (FOI) request submitted by Picus Security, nearly a third of all cyber incidents reported in the first half of 2023 were categorised as ransomware (31 per cent), compared to 11 per cent in the same period in 2022.

"...modern malware is now capable of performing far more actions across the cyber-kill chain, to more effectively evade defences. More than one-third of malware samples exhibit more than 20 individual tactics, techniques and procedures."

– Dr Suleyman Ozarslan

Co-Founder and VP, PicusLabs

 

Commenting on the findings, Dr Suleyman Ozarslan, Co-Founder and VP of Picus Labs said: “Ransomware remains a scourge for every sector and every security team. Our data reflects a common pattern seen in recent years. Ransomware gangs burst onto the scene, scale up their campaigns, and put a target on their backs. After the coordinated crackdowns and arrests from global government agencies, ransomware activity can start to die down until the next group looks to fill the void left by their predecessor.

“The first six months of 2023 was a hectic period for financial services security teams. This sector has always been one of the biggest targets for both politically and financially motivated cybercriminals. Cl0p Ransomware, for example, is known to target major banks.

“Two major Microsoft vulnerabilities may have also contributed to more incidents than usual this year, as was the case in 2021 when the Hafnium hacking group was actively exploiting another Microsoft Exchange Server bug. The increasing complexity of malware deployed by adversaries may also be a factor. The Picus Red Report 2023 found that modern malware is now capable of performing far more actions across the cyber-kill chain, to more effectively evade defences. More than one-third of malware samples exhibit more than 20 individual tactics, techniques and procedures. 

“The numbers for the first half of 2023 are also far higher than the second half of 2022 when cyber incident reports almost ground to a halt by the end of the year. It is interesting to see such consistently low numbers in December. A slight decline in cyber incident reports would reflect the fact that many people are away from the office, but there is such a sizable gap between December and January figures. We know that breaches happen all year round, so the numbers should fall off a cliff in this manner. 

“I don’t know which is worse, if security teams don’t discover incidents in December, or if they choose not to report them until after the holidays.” 

Picture: a graphic showing a skull and crossbones over a world map. The image is red and black and contains the words "Ransomware Attack" and "Your files are encrypted". Image Credit: Adobe Stock

Article written by Ella Tansley | Published 23 January 2024

Share

Related Articles