Ransomware threats are surging once again - here's what your business needs to know

News
By published

Here is when the ransomware usually strikes

Lock on Laptop Screen
(Image credit: Shutterstock.com) (Image credit: Future)

2023 was a big year for ransomware, with the number of threats rising after a two-year decline, breaking a six-year record, new research has claimed.

A report from Mandiant has revealed the rising popularity of ransomware-as-a-service (RaaS), also means the barrier for entry has been severely reduced, and as a result, the number of victims posted on data leak sites rose substantially.

As per the paper, there has been a 75% increase in the number of businesses posted on data leak sites between 2022 and 2023, with organizations across 110 countries affected.

Bye bye, Cobalt Strike

Many old and known ransomware families have also been getting new variants, signaling ongoing development and resource sharing among the cybercriminal community. In fact, roughly a third of all new ransomware families Mandiant observed and tracked in 2023 were variants of previously identified versions.

Mandiant also says that while ransomware variants are changing, the attackers are also pivoting to new tools when it comes to initial access. While in earlier years, malicious tools were dominating, they are now slowly being replaced with legitimate tools being used for malicious purposes. Most notably, Cobalt Strike, a super popular threat emulation tool that was essentially hijacked by cybercriminals, is slowly being phased out. In its place are now multiple legitimate remote access tools. 

Hackers are also moving faster than before, cutting down on dwell time and deploying ransomware sooner, Mandiant says. In almost a third of incidents, ransomware was deployed within 48 hours of initial attacker access, which means threat actors are now better at mapping out IT infrastructure, networks and systems. 

Finally, they are still running encryptors in the after-hours: more than three-quarters (76%) of all ransomware deployments happened outside of work hours, usually in the early morning.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Ransomware attack on a computer
Ransomware attacks surged in 2024 as hackers looked to strike faster than ever
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
More reports claim 2024 was the worst year for ransomware attacks yet
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Less than half of ransomware incidents end in payment - but you should still be on your guard
ransomware avast
“Every organization is vulnerable” - ransomware dominates security threats in 2024, so how can your business stay safe?
Hands typing on a keyboard surrounded by security icons
35 years on: The history and evolution of ransomware
A computer being guarded by cybersecurity.
The impact of the cyber insurance industry in resilience against ransomware
Latest in Security
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Latest in News
Tesla Roadster 2
Tesla is still taking deposits on its long overdue Roadster, despite promising it would arrive in 2020
Samsung HW-Q990D soundbar with Halloween theme over the top
Samsung promises to repair soundbars bricked by its disastrous software update for free – but it'll probably involve shipping
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
DJI Mavic 3 Pro
More DJI Mavic 4 Pro leaks seemingly reveal launch date, price and key features of the triple camera drone – here's what to expect
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Man sitting on sofa, drinking coffee, looking at phone in surprise
Thousands of coffee lovers warned to stop using their espresso machines immediately after reports of burns and lacerations
More about security
IBM office logo

IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background

North Korea unveils new military unit targeting AI attacks

Andrew Koji as Zeek pointing a gun at someone off camera.

Andrew Koji reveals Gangs of London season 3's new mysterious assassin is like 'the human Terminator' in the Sky Original series
See more latest
Most Popular
DJI Mavic 3 Pro
More DJI Mavic 4 Pro leaks seemingly reveal launch date, price and key features of the triple camera drone – here's what to expect
De'Longhi Linea Classic espresso machine on kitchen counter with hot and cold coffee drinks
I'm a qualified barista, and De'Longhi's latest espresso machine could be this year's best budget buy for coffee lovers
Man sitting on sofa, drinking coffee, looking at phone in surprise
Thousands of coffee lovers warned to stop using their espresso machines immediately after reports of burns and lacerations
Samsung HW-Q990D soundbar with Halloween theme over the top
Samsung promises to repair soundbars bricked by its disastrous software update for free – but it'll probably involve shipping
A Minecraft sheep.
Minecraft developer rejects generative AI, 'it's important that it makes us feel happy to create as humans'
Nvidia AMD
Nvidia rumors suggest it's working on two affordable GPUs to spoil AMD's party
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Apple iPhone 16 Review
New iPhone 17 report lends weight to rumors of major display and camera upgrades, and a pricey Apple foldable