OpenText Cybersecurity published the 2023 version of its Nastiest Malware report, the sixth annual edition. Both a press release and the full report are available.
Key findings:
- Ransomware (as a category of malware) tops the nastiest list in 2023, driven by ransomware-as-a-service (RaaS) business models. This aligns with our 2022 report on ransomware, in which we profiled the growing prevalence of RaaS as driving increases in ransomware attackers, attacks, and variants. In 2023, Cl0p has been particularly active.
- Double / triple extortion schemes are especially devastating to organizations: even if a backup is available to restore the data, the threat of the ransomware gang publishing the stolen data forces many organizations to pay the ransom.
- The press release says that “only 34% of businesses pay ransom, an all-time low.” In light of the double / triple extortion comment above, we had to think this one through. For it to be so low, the 71% of organizations that are not paying the ransom must do two things very well – firstly, have data backups to enable rapid and error-free restoration, and secondly, use strong data protection methods such as encryption so that any exfiltrated data is unreadable and won’t trigger “crisis communications and data compliance fines” (see the report for that line). With the way ransomware is going, organizations not doing both are asking for trouble.
- The average ransom payment, when one is made, skyrocketed to $740K (in Q2 2023). In late 2021, the average was $167K. That’s a big change, and one that OpenText attributes to the wild success of Cl0p’s exploitation of customers using MOVEit Transfer.