Surge in Cybercrime: Check Point 2023 Mid-Year Security Report Reveals 48 Ransomware Groups Have Breached Over 2,200 Victims

Old and new blend in cybercrime, AI and USB devices become unexpected accomplices. Lockbit3 leads ransomware surge in the first half of the year; Unconventional targets surface amid new attack patterns


SAN CARLOS, Calif., Aug. 23, 2023 (GLOBE NEWSWIRE) -- Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has unveiled its 2023 Mid-Year Security Report. The report uncovers an unsettling 8% surge in global weekly cyberattacks in the second quarter, the most significant increase in two years, highlighting how attackers have cunningly combined next-gen AI technologies with long-established tools like USB devices to conduct disruptive cyberattacks. The report also showcases how ransomware attacks have escalated in the first half of the year with new ransomware groups coming into the scene.

From the triple extortion attack on the University of Manchester to the rise of new group Anonymous Sudan targeting western organizations, the 2023 Mid-Year Security Report uncovers the trends and behaviors that have defined the year so far.

Key insights from the 2023 Mid-Year Security Report include:

  • Ransomware groups have stepped up their game, exploiting vulnerabilities in commonly used corporate software and shifting their approach from data encryption to data theft.
  • USB Devices have resurfaced as significant threats, with both state-affiliated groups and cybercriminals deploying USB drives as vectors for infecting organizations globally.
  • Hacktivism has seen a rise, with politically motivated groups launching attacks on selected targets.
  • Artificial Intelligence misuse has amplified, with generative AI tools being used to craft phishing emails, keystroke monitoring malware, and basic ransomware code, calling for stronger regulatory measures.

In H1 2023, 48 ransomware groups have breached over 2,200 victims, with Lockbit3 being the most active, reporting a 20% increase in victims compared to H1 2022. The emergence of new groups like Royal and Play is associated with the termination of Hive and Conti Ransomware-as-a-Service (RaaS) groups. In terms of geography, 45% of victims are in the US, with an unexpected rise in Russian entities due to the novel actor "MalasLocker", which substitutes ransom demands with charitable donations. The manufacturing and retail sectors have seen the most victims, suggesting a shift in ransomware attack strategy.

“Criminal activities have continued to rise in the first half of the year, with an 8% surge in global weekly cyberattacks in the second quarter marking the highest volume in two years. Familiar threats such as ransomware and hacktivism have evolved further, with threat groups modifying their methods and tools to infect and affect organizations worldwide. Even legacy technology such as USB storage devices, which have long been gathering dust in desk drawers, have gained popularity as a malware messenger.” said Maya Horowitz, VP Research at Check Point Software.

“Organizations need to build a cyber resiliency strategy and strengthen their defenses by adopting a prevention-first, integrated approach to cyber security. Cyberattacks are inevitable but can be largely prevented by proactive measures and the right security technologies”.

The 2023 Mid-Year Security Report provides a comprehensive account of the cyber-threat landscape. The findings are based on data drawn from the Check Point ThreatCloud Cyber-Threat Map which looks at the key tactics’ cybercriminals are using to carry out their attacks. A full copy of the report is available here: https://pages.checkpoint.com/2023-mid-year-cyber-security-report.html

Follow Check Point Research via:
Blog: https://research.checkpoint.com/ 
Twitter: https://twitter.com/_cpresearch_ 

About Check Point Research 
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs. 

About Check Point Software Technologies Ltd.  
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cybersecurity solutions to corporate enterprises and governments globally. Check Point Infinity’s portfolio of solutions protects enterprises and public organisations from 5th generation cyberattacks with an industry leading catch rate of malware, ransomware and other threats. Infinity comprises four core pillars delivering uncompromised security and generation V threat prevention across enterprise environments: Check Point Harmony, for remote users; Check Point CloudGuard, to automatically secure clouds; and Check Point Quantum, to protect network perimeters and datacenters, all controlled by the industry’s most comprehensive, intuitive unified security management; Check Point Horizon, a prevention-first security operations suite. Check Point protects over 100,000 organizations of all sizes.          

MEDIA CONTACT:  INVESTOR CONTACT:
Emilie Beneitez Lefebvre  Kip E. Meintzer
Check Point Software TechnologiesCheck Point Software Technologies
press@checkpoint.comir@us.checkpoint.com