Ransomware attacks in Nigeria increased by 7% in first half of 2023

One of the greatest dangers to information security both internationally and in the META area continues to be ransomware attacks. According to IBM’s data breach report, the average cost of a ransomware assault was US$4.54 million in 2022, and Kaspersky (www.Kaspersky.co.za) solutions found over 74.2M attempted ransomware attacks (a 20% increase from 2021).

While the number of ransomware assaults decreased in the beginning of 2023, several regions experienced an increase in attacks in Q2, especially when compared to the same time period in 2022. Data from the Kaspersky Security Network shows that compared to H1 2022, ransomware attack attempts against individual and business users in Nigeria increased by 7% in H1 2023.

Although there was a 3% decline in Kenya between H1 2023 and H1 2022, there was a 2% increase between Q2 2023 and Q2 2022. Kaspersky products stopped all of these efforts.

It cannot be stressed that ransomware is growing more sophisticated and targeted, even though ransomware statistics may vary by season and place (https://apo-opa.info/3Ovy2eY). Attackers using ransomware target a wide range of organisations, including industrial firms, healthcare organisations, educational institutions, and service providers (https://apo-opa.info/473nWJA, 3KgWAWu).

Among the top five most prominent and prolific ransomware groups, LockBit, one of the world’s most active ransomware groups, held the top spot at the beginning of 2023 (https://apo-opa.info/3q6MHUC). Vice Society and BlackCat took the place of REvil and Conti. Clop and Royal were the last two ransomware groups to make up the top five at the start of 2023.

International ransomware organisations are constantly upgrading their methods. They are primarily motivated by three things. The likelihood of being caught while attacking a certain organisation comes first. The size of the prospective ransom is the second consideration. Finally, they always estimate the attack’s technical complexity. Attackers reevaluate if even one of these characteristics doesn’t fit their intentions, according to Dmitry Galov, head of the Russian Kaspersky Global Research and Analysis Team (GReAT). “Installing strong security measures will probably deter ransomware groups from targeting an enterprise. Given that ransomware attacks can have severe effects like the irreversible loss of information, the disruption of business processes, the loss of time, damage to reputation and huge financial losses, it is an investment that must be made.

In AV-TEST’s Advanced Threat Protection Test evaluations, Kaspersky Endpoint Security for Business, Kaspersky Small Office Security, and Kaspersky Internet Security all shown to be 100% successful against ransomware attacks. The goods didn’t lose a single user file over ten distinct full-chain attacks.

The Dutch National Police’s National High Tech Crime Unit, Europol’s European Cybercrime Centre, Kaspersky, and other collaborators created the No More Ransom campaign in 2016 to battle ransomware and aid individuals impacted (https://apo-opa.info/3OuXz8d). Participants offer decryption tools, best practises, and instructions for reporting cybercrimes on the official website, regardless of where the incident occurred. These priceless tools have assisted 173 ransomware families’ victims in regaining access to their data without paying any ransoms. The effort also attempts to spread knowledge about ransomware and infection avoidance strategies. Kaspersky has been a significant contributor to No More Ransom since the initiative’s beginning as a founding member.

• Consider according to the guidelines provided by Kaspersky to safeguard both you and your company from ransomware attacks:
• Avoid using public networks to access remote desktop/management services (such RDP, MSSQL, etc.) unless it is absolutely required, and whenever you do, make sure to protect them with strong passwords, two-factor authentication, and firewall restrictions.
• Install any patches that are readily accessible for the commercial VPN services you are using to give remote workers access and serve as network gateways.
• Maintain software updates on all of your devices to stop ransomware from taking advantage of security flaws.

• Detecting lateral movements and data exfiltration to the Internet should be the main focus of your defence plan. Pay close attention to the outgoing traffic to spot connections from fraudsters.
• Regularly backup your data, paying close attention to offline backup techniques. Make sure you can rapidly get to it if necessary in an emergency.
• AVOID DOWNLOADING AND INSTALLING PIRATED OR UNKNOWN SOURCES OF SOFTWARE.
• Evaluate and audit the access to your environment that your managed services and supply chain have.
• In the sad event of data theft, create an action plan for the reputational damage of your data exposure.

• Use tools like Kaspersky Managed Detection and Response (https://apo-opa.info/3DvXkDx) and Kaspersky Endpoint Detection and Response Expert (https://apo-opa.info/3OsQQvs) to detect and stop attacks in their early phases, before attackers succeed in achieving their objectives.
• Educate your staff on environmental protection for the workplace. Specialised training programmes, such those offered by the Kaspersky Automated Security Awareness Platform (https://apo-opa.info/3X1m0wN), can be beneficial.

• Use a trustworthy endpoint security programme like Kaspersky Endpoint Security for Business, which has a remediation engine that can undo harmful acts, behaviour detection, and exploit protection built in. Additionally, KESB has defence systems that can stop cybercriminals from removing it.
• Utilise the most recent Threat Intelligence data (https://apo-opa.info/43V1DnQ) to keep abreast of the TTPs that threat actors are actually employing. A single point of access for Kaspersky’s TI, the Kaspersky Threat Intelligence Portal offers information on cyberattacks and insights acquired by our team over a 25-year period.