Nuspire Releases Q2 2023 Cyber Threat Report: Surge in Ransomware and Vulnerability Exploitation

Nuspire, a prominent managed security services provider (MSSP), has unveiled its Q2 2023 Cyber Threat Report, offering a comprehensive analysis of the evolving threat landscape.
Nuspire Cyber Security Threat Report Q2 2023
This quarterly report delves into critical threat data encompassing malware, botnets, and exploits, while also spotlighting specific tactics, techniques, and procedures (TTPs) that organizations need to remain vigilant against.

Nuspire’s latest report reveals a significant upswing in ransomware activity, highlighted by a staggering 65 percent surge in activity from a novel entrant to the list of top ransomware groups: CL0P. A deeper examination within the financial industry unveiled a concerning 43 percent increase in ransomware extortions.

J.R. Cunningham, Chief Security Officer at Nuspire, emphasized the driving forces behind the surge in attacks: “Ransomware groups like LockBit and CL0P have propelled a notable escalation in attacks over recent months, leveraging relentless exploitation of zero-day vulnerabilities and known weaknesses. While the case of MOVEit Transfer underscores the magnitude of these attacks, our data also underscores the continued vulnerability of older software like Apache. This highlights the evident gaps in patching and vulnerability management operations within many organizations, significantly heightening their exposure risks.”

Key insights from Nuspire’s freshly released cyber threat report include:

A nearly 18 percent surge in total ransomware extortion incidents.

Apache vulnerabilities accounting for 25 percent of exploits. Notably, Apache Software features in around 31 percent of all global websites, heightening the concern.

A 16 percent expansion in botnets during Q2, with Torpig Mebroot, a trojan recognized for data theft, maintaining its leading position as the most detected botnet.

The latest IDC research on ransomware indicates a substantial increase in incident rates since the July 2021 sample. Merely 22 percent of organizations attacked by ransomware in the March 2023 sample managed to recover data/files without paying a ransom. This underscores the critical need for organizations to adopt proactive cybersecurity measures. These measures encompass thorough threat and vulnerability investigations, adversary identification, and the cultivation of a robust cybersecurity posture and prevention strategies.

“Integrating a cybersecurity program with robust cyber-recovery capabilities equips organizations with the indispensable cyber resilience required during and post an attack,” Cathy Huang, Research Director for Security Services at IDC, said.

Nuspire’s Q2 2023 Cyber Threat Report stands as a crucial resource in the ongoing battle against evolving cyber threats, equipping organizations with insights to bolster their cybersecurity strategies and protect against the ever-growing risk landscape.