The second half of 2023 saw a significant increase in cyber-attacks aimed at stealing data and demanding ransoms in exchange for restoring affected systems. Swascan’s SOC and Threat Intelligence Team conducted an in-depth analysis on ransomware, malware and phishing scenarios, providing a detailed picture of emerging threats and evolving trends.

Numerous ransomware campaigns were observed during H2, characterized by the spread of malicious
software that encrypts victims’ data and then demands a ransom to repriransom them. These attacks
have affected a wide range of industries, including financial, healthcare, and governmental, putting
information security and business continuity at risk. The evolution of tactics used by cybercriminals, especially in H2, has been particularly troubling. Ransomware has become increasingly sophisticated and targeted, and numerous new ransomware gangs have emerged.
Parallel to ransomware attacks, phishing has continued to pose a significant threat to cybersecurity.
Attackers have used increasingly sophisticated methods to deceive users, creating deceptive emails,
websites, and text messages that appear to come from legitimate sources. Through these techniques,
attackers try to obtain sensitive information such as passwords, financial data, and login credentials in
order to commit fraud and harm victims.

In this report, we will analyze the major recorded ransomware and phishing attacks, highlighting modes of operation, victims, affected regions, and emerging trends, and examine recommended security
measures to mitigate the risk of these threats.

For further analysis: