The Asia-Pacific and Japan regions witnessed a staggering 204% increase in total ransomware victims driven by the exploitation of zero-day and one-day vulnerabilities between Q1 2022 and Q1 2023.
Akamai Technologies‘ new report titled “Ransomware on the Move: Exploitation Techniques and the Active Pursuit of Zero-Days” sheds light on the evolving tactics and vulnerabilities ransomware groups exploit.
The report finds out that the ransomware groups have shifted focus from phishing to vulnerability abuse, infiltrating businesses’ internal networks to deploy ransomware. This shift has exposed essential infrastructure to significant risks, with key industries such as manufacturing, business services, construction, retail and energy, utilities, and telecommunications being actively targeted.
Using exfiltration tactics – unauthorised extraction or transfer of sensitive information – as the primary source of extortion represents a notable shift in the ransomware landscape. This development underscores the inadequacy of traditional file backup solutions in safeguarding against ransomware attacks.
LockBit emerged as a dominant Ransomware-as-a-Service player, accounting for 51% of the attacks, with the ALPHV and CLOP ransomware following the lead. LockBit has spread its tentacles across various sectors, including manufacturing, business services, construction, pharma, retail and energy industries.
Key findings of the report also reveal that small-to-medium-size enterprises with reported revenues up to $50 million constitute a major share of ransomware victims. The report also highlights a disconcerting trend where victims of multiple ransomware attacks are over six times more likely to experience a second attack within three months of the first incident, indicating that the firms were not serious about cybersecurity even after the first attack.
“Businesses – especially SMEs in APJ – must work to adopt a zero trust architecture starting with software-defined micro-segmentation to mitigate ever-evolving cyber attacks as well as Ransomware-as-a-Service effectively. By doing so, they can successfully protect their critical assets and business reputation and ensure business continuity regardless of the attack tool deployed by cyber criminal gangs,” said Dean Houari, Director of Security Technology and Strategy, Akamai.
The report serves as a wake-up call for businesses, particularly SMEs, to take proactive steps in fortifying their cybersecurity defences by adopting zero-trust architecture beginning with software-defined micro-segmentation and a robust collaboration between private and public sectors in the Asia-Pacific and Japan regions.