PRESS RELEASE
Boston, MA – January 24, 2023 – Black Kite, the chief in third-party cyber threat intelligence, at this time unveiled the {industry}’s first month-to-month ransomware dashboard, that includes essential insights for safety groups, media, analysts, and different {industry} leaders. The useful resource offers information, graphs, developments, and key insights from Black Kite’s risk intelligence staff concerning the prime ransomware teams, their victims, and assault patterns. Black Kite additionally analyzes the highest ransomware indicators to determine widespread vulnerabilities exploited by lively ransomware teams, and utilizing information and machine studying, Black Kite’s Ransomware Susceptibility Index (RSI) paints a complete image of the industry-specific cyber-risks that organizations face every month.
In December alone, the analysis staff monitored over 360 victims. The commonest indicators of compromise had been MX and DNS misconfigurations that allowed for spoofing and phishing assaults (266) and in-use providers and merchandise with vulnerabilities of excessive exploitability (233). Moreover, 49% of victims had open RDP or SMB ports publicly seen. Analysis additionally revealed that though LockBit continues to dominate the panorama, an rising ransomware group, WereWolves, entered the highest three for the primary time.
“Since lately getting into the scene, the WereWolves ransomware group has focused 26 victims within the U.S., Europe, and Russia,” stated Ferhat Dikbiyik, head of analysis at Black Kite. “The group is uncommon as a result of it has a full-fledged web site that recruits new members and provides a bounty program for safety vulnerabilities. Additionally it is uncommon to see ransomware teams concentrating on Russian corporations, which we have now solely witnessed earlier than from short-lived ransomware teams.”
The month-to-month dashboard has surfaced developments over the previous six months, together with:
-
LockBit has the most important share on this set of victims with 21% of victims revealed by the group.
-
Exploiting vulnerabilities has turn out to be the commonest methodology.
-
New teams, together with WereWolves, Whereas Play, 8base, and Akira, are placing themselves within the prime ranks with an rising variety of victims.
-
The U.S. continues to be probably the most focused nation. Nevertheless, there have been uncommon peaks in some international locations, reminiscent of Russia, Bulgaria, Iran, and Israel, because of a number of political conflicts.
-
The manufacturing {industry} remained one of many prime industries focused and noticed a rise in assaults within the second half of the yr.
-
There was a rise in assaults on the healthcare and knowledge industries.
“Ransomware gangs are consistently evolving their ways, and are working at rising scales with a view to get larger income from their victims,” stated Dikbiyik. “As there isn’t any signal of those assaults slowing down, it’s vital to grasp these gangs’ motivation and actions with a view to have smarter safety methods to stop assaults. This is the reason we have now created a free useful resource and can proceed to watch the panorama for developments with industry-wide impression.”
As these teams turn out to be extra refined, it’s crucial that corporations perceive their threat and are armed with the instruments to make knowledgeable choices about their safety methods. Black Kite’s month-to-month report dashboard offers important visibility to assist join the dots between ransomware teams’ patterns and their victims in order that the dangerous actors are not working within the shadows.
To see Black Kite’s newest ransomware information, go to the December report touchdown web page, or view information from the final six months on the Ransomware Reviews web page.
About Black Kite
Black Kite provides corporations a complete, real-time view into cyber ecosystem threat to allow them to make knowledgeable threat choices and enhance enterprise resilience whereas repeatedly monitoring extra distributors, companions, and suppliers in an ever-changing digital panorama.
By an automatic course of, and a mix of risk, enterprise and threat data, Black Kite offers cyber threat intelligence that goes past a easy threat rating or score.
Black Kite serves greater than 1,500 clients in a variety of industries and has obtained quite a few {industry} awards and recognition from clients.
Be taught extra at www.blackkite.com, on the Black Kite weblog.
Copyright © 2023 Black Kite, Inc. All rights reserved. All different model names, product names, or logos belong to their respective holders.