New Delhi –– Arete, a leading global cyber risk management company, released its 2023 Annual Crimeware Report, highlighting key trends and notable shifts in the cyber threat landscape. The report leverages data collected during Arete incident response engagements and explores the rise and fall of ransomware variants, trends in ransom demands and payments, impacts on critical infrastructure, and what Arete expects to see in 2024.
Key findings within the report:
• Arete observed threat actors continually evolve their operations to become faster, stealthier, and wealthier. These changes ranged from new methods to bypass security defenses to new techniques for exfiltrating and posting stolen data.
• A ransom was paid in just 31.3% of engagements in 2023, driving threat actors to become more aggressive in negotiation techniques and demand notably larger ransoms.
• Threat actors faced increased pressure from law enforcement, including the successful disruption of the Hive ransomware operation and a temporary ransomware takedown of ALPHV/BlackCat.
The report offers analysis and insights on the top ten ransomware variants observed and compares the impacts and challenges of RaaS operations and closed groups. It also explores shifts in ransom demands and payments, negotiation tactics, and the impact of encryption. The report also examines challenges faced by threat actors, including insider threats, affiliate disloyalty, and law enforcement’s increased efforts to disrupt cybercrime.
“As the threat landscape continues to evolve and adapt, so should the defenses and controls protecting organizations around the world,” said Arete’s Senior VP for Government Relations and Operational Intelligence Sharing, David Lacquement, Major General U.S Army (Ret). “Arete is committed to providing our clients and partners with actionable data to transform their response to cyber risk,” Lacquement added.