March 2, 2023
The Dutch Police have arrested three individuals for suspected ransomware activity, which generated at least 2.5M Euro in extortion fees. The actors are believed to have attacked thousands of organizations, compromising the data of tens of millions of individuals. This is another example of successful law enforcement activity against ransomware operations. Such activity has increased over the past year, leading to the arrest of several prominent ransomware group members, such as Revil and Netwalker. This is one factor behind a decline in ransomware attacks since in 2022.
Kovrr’s cyber threat intelligence database provides data to back up the effect successful law enforcement actions, among other factors, have on ransomware. Based on Kovr’s data, not only did the total number of attacks decline by around 8% compared to the previous year, but the average extortion amount was also reduced by 84%.
An extensive report studying vulnerabilities exploited by ransomware actors uncovered that 76% of vulnerabilities which are still being actively exploited by ransomware have been discovered between 2010 and 2019.
This clearly shows several issues:
The U.S Federal Trade Commission (FTC) announced that U.S citizens lost $8.8B in 2022 to various types of scams, which is a 30% increase compared to fraud losses in 2021. Overall, 2.4M consumers reported losses due to fraud, putting the average loss per consumer at around $3,670. The top two types of scams consumers fell victim to were imposter scams and online shopping scams.
The large increase in the amount lost to scams in 2022 can be attributed to the relative ease of perpetrating a successful scam, compared to other methods of criminal monetization. Two methods which have been very popular in previous years - ransomware and cryptocurrency mining, have declined in recent years, due to them demanding increasing sophistication and resources from cybercriminals, while leading to lower returns on average.
September 5, 2023
Part two delves into the transformative potential of converting cyber risks from financial insights to actionable plans
August 14, 2023
Avoid the number one mistake enterprises make when negotiating a cyber insurance policy. It’s time to leverage cyber risk quantification.