Akamai Research: Rampant Abuse of Zero-Day and One-Day Vulnerabilities Leads to 143% Increase in Victims of Ransomware
Ransomware Groups Have Evolved Tactics; File Exfiltration Now Primary Source of Extortion
According to the report, adversaries are evolving their methods and techniques from phishing to put a greater emphasis on vulnerability abuse. As these adversaries shift tactics, LockBit has dominated the ransomware landscape, from Q4 2021 to Q2 2023, with
Of all vertical industries, manufacturing saw a
Other key findings of Ransomware on the Move: Exploitation Techniques and the Active Pursuit of Zero-Days include:
- Organizations with reported revenue of up to
were the most at risk of being targeted ($50 million dollars65% ) while organizations with reported revenue above made up$500 million dollars12% of total victims - Victims of multiple ransomware attacks were more than 6x more likely to experience the second attack within three months of the first attack
- Financial services organizations saw an increase of
50% in the total number of impacted organizations year over year while the retail vertical ranks third in the number of ransomware victims per industry and saw a9% increase
"Adversaries behind ransomware attacks continue to evolve their techniques and strategies striking at the heart of organizations by exfiltrating their critical and sensitive information," said Pavel Gurvich, Senior Vice President and General Manager, Enterprise Security at Akamai. "It's critical that organizations understand the techniques and tools deployed by adversaries in order to shield their critical assets, preserve trust in their brand and ensure business continuity."
For additional information, the security community can access, engage with, and learn from Akamai's threat researchers by visiting the Akamai Security Hub and following the team on Twitter at @Akamai_Research. Visit Akamai at BlackHat in
Methodology
The ransomware data used throughout this report was collected from the leak sites of approximately 90 different ransomware groups. It is typical of these groups to report details of their attacks, such as timestamps, victims names, and victim domains. It is important to note that these reports are subject to whatever each ransomware group has a desire to publicize. The successfulness of these reported attacks was not included in this research.
This research focused instead on the victims who were reported. For each analysis, the number of unique victims within each grouping was measured. This victim data was joined with data obtained from ZoomInfo to provide additional details about each victim, such as location, revenue range, and industry. All data was within the 20-month time frame of October 1, 2021 through May 31, 2023.
About Akamai
Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. Akamai Connected Cloud, a massively distributed edge and cloud platform, puts apps and experiences closer to users and keeps threats farther away. Learn more about Akamai's security, compute, and delivery solutions at akamai.com and akamai.com/blog, or follow Akamai Technologies on Twitter and LinkedIn.
Media Contact:
Akamai PR
akamaiPR@akamai.com
View original content to download multimedia:https://www.prnewswire.com/news-releases/akamai-research-rampant-abuse-of-zero-day-and-one-day-vulnerabilities-leads-to-143-increase-in-victims-of-ransomware-301894645.html
SOURCE Akamai Technologies, Inc.