Companies of all sizes throughout the world were the target of increasing numbers of ransom cyberattacks in 2023, according to Israel’s National Cyber Directorate.
Israel was no exception to this trend, it said in a report on cybercrime published last month.
One trend seen in cybercrime in the wake of the outbreak of the Israel-Hamas war was the “migration from activism to cybercrime,” the report said, citing groups such as GhostSec and TYG, which have offered ransomware (malware that demands a ransom to access encrypted files) as a product in parallel to their normal activity.
There was a 60% increase in attacks in 2023, compared with 2022, the report said. Most of this increase was seen in the second half of 2023, while data in the first half of the year was similar to what was seen in 2022, it said.
Perpetrators of ransom extorted almost $450 million from victims around the world in the first half of 2023, the report said, citing the US Department of Homeland Security.
The Cyber Directorate said ransomware would continue to be a central threat to organizations in 2024.
Ransomware users are persistent and adaptive
Those using ransomware have shown that they are persistent, adaptive, and able to handle authorities’ responses to their actions by constantly changing structures and tactics, the report said.
The success of attacks in 2023 would lead to an increase in the number of organizations engaging in ransomware attacks in 2024, it said.
The report “shows the significant rise in capabilities and impact of financially motivated threat actors in cyberspace,” said Shahar Madar, vice president of security and trust for Fireblocks, a digital-asset security company.
“Over the years, actors who look for a financial return on investment (rather than intelligence/espionage orientation) have taken a more significant role in the number of attacks,” he said, adding that the “evolution of RaaS (ransomware-as-a-service), as well the risk of Initial Access Brokers (IAB), serves as evidence” for this.
Madar predicted that there would be an increase in collaboration among nation-state actors and cybercrime groups in 2024, as these groups become more powerful. He urged companies to protect themselves by investing in cybersecurity awareness and products.