The use of zero-day and one-day vulnerabilities has led to a 143% increase in total ransomware victims between Q1 2022 and Q1 2023, according to new research from cloud security vendor Akamai. The firm's Ransomware on the Move: Exploitation Techniques and the Active Pursuit of Zero-Days report, based on findings collected from the leak sites of approximately 90 different ransomware groups, outlines the evolving tactics of ransomware threat actors.
Along with highlighting a considerable growth in vulnerability abuse, the report also found that ransomware groups are increasingly targeting the exfiltration of files - the unauthorized extraction or transfer of sensitive information - which has become the primary source of extortion. What's more, victims of multiple ransomware attacks are almost six-times more likely to experience a second attack within three months of the first, with smaller organizations at higher risk of being targeted by ransomware generally, according to the report.