Ransomware attacks and Business Email Compromise (BEC) campaigns are on the rise once again, new research has said.
The annual Arctic Wolf Labs Threat Report claims the median ransom demand rose by a fifth (20%) year-on-year and has now hit $600,000.
While ransomware operators target organizations of all shapes and sizes, across all verticals, Arctic Wolf argues that legal, government, retail, and energy industries suffered most, with median demands surpassing $1 million. At the same time, businesses in manufacturing, business services, and education/non-profit, were the most common ones to appear on ransomware leak sites.
Abusing old flaws
Based on the insights from the company's threat, malware, digital forensics, and incident response case data, the report also claims AI tools have had a major role in the increase in threats, year-on-year.
As for Business Email Compromise, this type of attack rose at breakneck speeds this year, now outnumbering ransomware incidents by a factor of 10. Still, a ransomware incident is 15 times more likely than a BEC incident to lead to an incident response investigation.
Elsewhere in the report, Arctic Wolf argues that hackers aren’t that interested in looking for zero-day vulnerabilities. Instead, they’re more than happy abusing flaws found in the past, the researchers said, suggesting that everyone’s patching practices leave a lot to be desired.
In fact, vulnerabilities disclosed in 2022 or earlier now account for almost 60% of all incidents where the root cause was the exploitation of an externally accessible system.
More from TechRadar Pro
- Ransomware is more of a threat to businesses than ever before
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now