Ransomware attacks tracked by cloud security provider Zscaler rose by 37 percent on a year-over-year basis through April 2023, the company said in a new report issued today.
“The proliferation of ransomware continues to pose a significant threat to organizations, individuals, and critical infrastructure worldwide,” the report says. “Cybercriminals constantly adapt and refine their tactics, leveraging leaked source code, advanced encryption schemes, and emerging programming languages to maximize their illicit gains.”
Beyond the top-line increase in attacks, the report also reveals that the average enterprise ransom payment exceeded $100,000 during the year ended in April 2023, and that the average ransom demand totaled $5.3 million.
Construction, manufacturing, and service-based businesses were among the most targeted sectors, the report says.
Geographically, the United States remains the most frequently targeted country for ransomware campaigns, “and is impacted more than any other country,” the report finds.
Driving the increase in ransomware attacks is increasing sophistication in attack methods, which include phishing, social engineering, and exploitation of known vulnerabilities, Zscaler said.
Making attacks more lucrative over the past year, Zscaler said, are exploits generated through ransomware as a service, and encryption-less attacks.
Of the latter, Zscaler said, “rather than encrypting victim files, attackers focused on exfiltrating sensitive data as leverage for extortion. This presents new challenges for victims and security professionals because traditional methods of file recovery and decryption may not apply.”
“This insidious approach presents a new challenge as attackers bypass encryption to directly target and compromise vital systems and data,” the report says.
To mitigate the risk of ransomware attacks, Zscaler said organizations must embrace zero-trust approaches, including zero-trust network access (ZTNA) architecture, browser isolation, data loss prevention, and cloud access security broker (CASB) solutions.
“By adopting these proactive defenses, organizations can strengthen their security posture and effectively protect against ransomware attacks,” the company said.