Australia in the top 10 countries affected by successful RaaS and

extortion attacks in Q1 and Q2 2023

Trend Micro data shows new ransomware victims surged 47% globally in six months

SYDNEY, September 25, 2023 – Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today published data revealing that Australia was one of the top 10 countries targeted by ransomware operators with a total of 47 ransomware victims in the first six months of 2023.

The news follows data released by Trend Micro earlier this year which highlighted that Australia and New Zealand (ANZ) have the highest rate of ransomware attacks in the Oceania region (76%), underlining that the two countries continue to be major targets for bad actors.

U.S.-based organisations remain a prime target for ransomware operators, with the highest number of ransomware victims in the first half of 2023 (949) – accounting for nearly half of all ransomware attacks. This figure represents a 70% increase compared to the second half of 2022. The U.K. (132) and Canada (88) were the next most affected countries. The report also noted that the number of new victims increased by 47% globally from the second half of 2022.

To read a copy of the report, LockBit, BlackCat, and Clop Prevail as Top RAAS Groups: Ransomware in 1H 2023, please visit: https://www.trendmicro.com/vinfo/au/security/news/ransomware-by-the-numbers/lockbit-blackcat-and-clop-prevail-as-top-raas-groups-for-1h-2023

Mick McCluney, Technical Director ANZ, Trend Micro: “We’ve observed a significant increase in the number of ransomware victims since the second half of 2022. Threat actors continue to innovate, target more victims, and cause significant financial and reputational damage. Organisations of all sizes must prioritise and enhance their cybersecurity posture. Our report should help network defenders, policymakers, and other stakeholders make better-informed decisions in the ongoing fight against ransomware.”

The report* revealed that many ransomware threat actors are no longer going after “big game” targets, instead focusing on smaller organisations they presume to be less well-defended.

Organisations of up to 200 employees accounted for a majority (57%) of LockBit victims and a plurality (45%) of Black Cat victims in the first half of this year. For Clop, large enterprises accounted for half (50%), with small businesses comprising 27%.

Other global findings from the report include:

• 47% increase in new Ransomware as a Service (RaaS) victims, from 1,364 in 2H 2023 to 2,001 in 1H 2023
• 11.3% increase in the number of new RaaS groups over the period to 69 in 1H 2023
• LockBit, the top ransomware family since 2022, accounted for 26.09% of total victim organisations, with BlackCat and Clop responsible for 10.59% and 10.09% of attacks, respectively.
• The banking, retail, and transportation sectors were the most targeted in 1H 2023.
• I.T., healthcare, and manufacturing emerged as the most targeted sectors in terms of ransomware file detection.

*The report is compiled with data collected from ransomware-as-a-service (RaaS) and extortion groups’ leak sites, Trend Micro’s open-source intelligence (OSINT) research, and the Trend Micro™ Smart Protection Network™.

About Trend Micro

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fuelled by decades of security expertise, global threat research, and continuous innovation, Trend Micro’s cybersecurity platform protects hundreds of thousands of organisations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defence techniques optimised for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organisations to simplify and secure their connected world. www.TrendMicro.com.au