Ransomware

The LockBit intrusion set, tracked by Trend Micro as Water Selkie, has one of the most active ransomware operations today. With LockBit’s strong malware capabilities and affiliate program, organizations should keep abreast of its machinations to effectively spot risks and defend against attacks.

Z naszego ciągłego monitoringu stanu zagrożeń w 2023 roku wynika, że zamiast szerokich akcji cyberprzestępcy coraz częściej przeprowadzają konkretne ataki, korzystając z przewagi, jaką daje im coraz większa powierzchnia ataku.

We cover the key trends that defined the ransomware threat landscape in the second half of 2023. Data from RaaS and extortion groups’ leak sites, open-source intelligence (OSINT) research, and the Trend Micro telemetry shows that LockBit, BlackCat, and Clop continued to rank among the active RaaS and extortion groups with the highest victim counts during this period.

W tym raporcie szczegółowo opisujemy główne punkty krajobrazu zagrożeń w nadchodzącym roku wraz z analizą i zalecanymi środkami łagodzącymi, opracowanymi przez zespół ekspertów ds. cyberbezpieczeństwa Trend Micro.

2024 is poised to be a hotbed for new challenges in cybersecurity as the economic and political terrains continue to undergo digitization and enterprises increasingly leverage artificial intelligence and machine learning (AI/ML), the cloud, and Web3 technologies. While these innovations are expected to lend a hand to organizations, they also provide opportunities for cybercriminals by promising big returns, more streamlined operations on wider impact zones, and more targeted victims.

After the shutdown of its leak site in October, we look at how ransomware group Trigona operated during its period of activity and discuss how enterprises can fortify their defenses against similar threats.

This report spotlights Akira, a novel ransomware family with highly experienced and skilled operators at its helm.

We delve into three of the most active ransomware families that dominated the first half of 2023: LockBit, Clop, and BlackCat. This report features data from ransomware-as-a-service (RaaS) and extortion groups’ leak sites, Trend Micro’s open-source intelligence (OSINT) research, and the Trend Micro™ Smart Protection Network™, collected from Jan. 1 to June 30, 2023.

Nasze dane zarządzania ryzykiem w powierzchniach ataku pokazują, że w pierwszej połowie 2023 r. najwięcej zdarzeń wykryto w Stanach Zjednoczonych, Brazylii i Indiach, a najczęściej atakowane branże to produkcja, opieka zdrowotna i nowoczesne technologie.