While average ransomware payments are up, the
percentage of people who pay is at an all-time low
WATERLOO, ON, Oct. 25,
2023 /PRNewswire/ -- OpenText (NASDAQ: OTEX), (TSX:
OTEX), today announced the Nastiest Malware of 2023, an annual
ranking of the year's biggest malware threats. For six consecutive
years OpenText Cybersecurity threat intelligence experts
have analyzed the threat landscape to determine the most
notorious malware trends. Ransomware has been rapidly ascending the
ranks, with ransomware-as-a-service (RaaS) now the weapon of choice
for cybercriminals.
This year four new ransomware gangs, believed to be the next
generation of previous big players, topped the list. Newcomer Cl0p
takes the prize for this year's nastiest malware after commanding
exorbitant ransom demands with its MOVEit campaign. Cl0p's efforts
helped skyrocket the average ransom payment which is rapidly
approaching three quarters of a million dollars. Black Cat, Akira,
Royal, Black Basta also made their debut, joined by the always
present, Lockbit.
"A key finding this year is the RaaS business model is another
win for the bad guys. Profit sharing and risk mitigation are top
contributors to RaaS success along with the ability to easily evade
authorities," said Muhi Majzoub, EVP and Chief Product Officer,
OpenText. "There is a silver lining as research shows only 29% of
businesses pay ransom, an all-time low. These numbers indicate
people are taking threats seriously and investing in security to be
in a position where they do not need to pay ransom."
This year's list highlights the tenacity of cybercriminals as
they continue to reinvent themselves, coming back stronger each
time (often with new names). Their scrappy mentality allows them to
go beyond the norm to find new ways to invade their target.
2023 Nastiest Malware
- Cl0p, a RaaS platform, became famous following a series
of cyberattacks, exploited a zero-day vulnerability in the MOVEit
Transfer file software developed by Progress Software. MOVEit
victims include such notable organizations as Shell, BBC, and the
United States Department of Energy.
- Black Cat, recognized in our 2021 Nastiest Malware
report, believed to be the successor to REvil ransomware group, has
built their RaaS platform on the Rust programming language. They
made headlines for taking down MGM Casino
Resorts.
- Akira, presumed to be a descendant of Conti, primarily
targets small to medium sized businesses due to the ease and
turnaround time. Most notably, Akira ransomware targeted Cisco VPN
products as an attack vector to breach corporate networks, steal,
and eventually encrypt data.
- Royal, suspected heir to Ryuk, uses Whitehat penetration
testing tools to move laterally in an environment to gain control
of the entire network. Helping aid in deception is their unique
partial encryption approach that allows the threat actor to choose
a specific percentage of data in a file to encrypt.
- Lockbit 3.0, a main stain on the list and last year's
winner, continues to wreak havoc. Now in its third epoch, Lockbit
3.0 is more modular and evasive than its predecessors.
- Black Basta is one of the most active RaaS
threat actors and is also considered to be yet another descendant
of the Conti ransomware group. They have gained a reputation for
targeting all types of industries indiscriminately.
To learn more about the findings of this year's Nastiest Malware
analysis, visit the OpenText Cybersecurity Community, as well
as tune in to our Nastiest Malware Webinar.
About OpenText Cybersecurity
OpenText Cybersecurity provides comprehensive security solutions
for companies and partners of all sizes. From prevention, detection
and response to recovery, investigation and compliance, our
unified/end-to-end platform helps customers build cyber resilience
via a holistic security portfolio. Powered by actionable insights
from our real-time and contextual threat intelligence, OpenText
Cybersecurity customers benefit from high efficacy products, a
compliant experience and simplified security to help manage
business risk.
About OpenText
OpenText, The Information Company™, enables organizations to
gain insight through market leading information management
solutions, powered by OpenText Cloud Editions. For more information
about OpenText (NASDAQ: OTEX, TSX: OTEX) visit opentext.com.
Connect with us:
OpenText CEO Mark Barrenechea's
blog
Twitter | LinkedIn
Certain statements in this press release may contain words
considered forward-looking statements or information under
applicable securities laws. These statements are based on
OpenText's current expectations, estimates, forecasts and
projections about the operating environment, economies, and markets
in which the company operates. These statements are subject to
important assumptions, risks and uncertainties that are difficult
to predict, and the actual outcome may be materially different.
OpenText's assumptions, although considered reasonable by the
company at the date of this press release, may prove to be
inaccurate and consequently its actual results could differ
materially from the expectations set out herein. For additional
information with respect to risks and other factors which could
occur, see OpenText's Annual Report on Form 10-K, Quarterly Reports
on Form 10-Q and other securities filings with the SEC and other
securities regulators. Unless otherwise required by applicable
securities laws, OpenText disclaims any intention or obligation to
update or revise any forward-looking statements, whether as a
result of new information, future events, or otherwise.
Copyright © 2023 OpenText. All Rights Reserved. Trademarks owned
by OpenText. One or more patents may cover this product(s). For
more information, please visit https://www.opentext.com/patents.
Third-party products mentioned are owned by the respective
third-party and/or its affiliates.
OTEX-G
View original content to download
multimedia:https://www.prnewswire.com/news-releases/opentext-cybersecurity-nastiest-malware-of-2023-shows-ransomware-as-a-service-now-primary-business-model-301966112.html
SOURCE Open Text Corporation