Now that we’re halfway through the year, it’s a good time to review the cybersecurity landscape, particularly around ransomware. Whilst the volume of ransomware attacks decreased by 23% in 2022 compared to 2021, there was ransomware resurgence in early 2023, with the number of victims in March nearly double that of last April and 1.6 times higher than the peak month in 2022.
So here are five of the most notable ransomware attacks of the year to date.
1. Royal Mail (January)
The UK’s largest mail and parcel delivery company was affected by a LockBit ransomware attack earlier this year. This ransomware group is known to target businesses and government entities mainly through malicious email attachments, lack of adequate email security, and cascading file system infections. The attack caused disruption to their service for around two months. And when Royal Mail refused to pay the ransom, highlighting that their revenue was nowhere near as high as the hackers believed, the group later leaked employee data online.
2. San Francisco Bay Area Transit District (January)
Earlier this year, an established group of ransomware hackers known as Vice Society stole and shared more than 120,000 sensitive files from San Francisco Bay Area Transit (BART) district’s police department. Some of these included specific child abuse allegations.
3. Hospital Clinic Barcelona (March)
This ransomware attack crippled the computer systems of one of the biggest hospitals in Barcelona, causing 3,000 patient checkups and 150 non-urgent operations to be cancelled. The attack was reported by a local cybersecurity company to be the work of hacker group Ransom House. In general, cyber attacks on the healthcare sector are on the rise with 155 data breaches so far in 2023.
4. Procter & Gamble (March)
In March this year, P&G confirmed that they were a victim of a data breach, carried out by the ransomware syndicate Cl0p, which resulted in some employee information being stolen. The group was able to access P&G’s data as a result of a zero-day bug found on Fortra’s GoAnywhere managed file transfer. Several other organisations were affected by this, including Shell, Virgin, Rubrik and Stanford University.
5. Yum! Brands (April)
At the beginning of the year, Yum! Brands – owner of fast food retailers such as KFC, Pizza Hut and Taco Bell – were forced to close almost 300 restaurants in the UK due to a ransomware attack by an unknown group. In April they revealed that some employee data – primarily of those based in the US – had been exposed. Since then, several former and current employees in the US have filed a class-action lawsuit against the company as a result of the hack.
As demonstrated above, ransomware groups do not discriminate between private sector or public sector. It’s therefore crucial that all organisations are prepared to deal with any potential threats.