Insights from an Arctic Wolf report reveal a year filled with cybercrime groups significantly increasing ransom demands, continuing to exploit well-known vulnerabilities that pre-date 2023, and executing business email compromise (BEC) schemes on a massive scale.
“By helping to end cyber risk for thousands of customers around the globe, Arctic Wolf Labs has access to an unmatched amount of data that allows us to provide deep and differentiated insights about the cybercrime landscape for both security practitioners and business leaders alike,” says Mark Manglicmot, SVP of security services, Arctic Wolf. “Not only do our findings from this report provide valuable insights to the cybersecurity community, but they also serve as a direct input to the threat detection models contained within the Arctic Wolf Security Operations Cloud, that ensures we are able to defend our customers against cyber threats of all shapes and sizes.”
Key takeaways:
- The median initial ransom demand rose 20% year-over-year to $600,000; with retail and other industries seeing median demands of $1 million or more.
- Despite BEC incidents outnumbering ransomware incidents by a factor of 10, a ransomware incident is 15 times more likely than a BEC incident to lead to an incident response investigation.
- Vulnerabilities first disclosed in 2022 or earlier continue to account for nearly 60% of incidents where the root cause was the exploitation of an externally accessible system.
- Manufacturing, business services, and education/non-profit were the Top 3 industries to appear on ransomware leak sites.
