Vulnerability exploitation on the rise

Popular threat actors utilize a variety of vulnerabilities to access companies’ sensitive information. Visa analyzed payment-related fraud and data breaches throughout 2023. According to the report, the most impactful ransomware attack of 2023 affected an estimated 2,620 organizations along with 77.2 million individuals whose PII was breached across the infiltrated organizations.

The ransomware threat group known as CL0P claimed responsibility for the attack on 6 June 2023, but researchers for the report suspect that CL0P began leveraging a zero-day vulnerability (CVE-2023-34362) as early as July 2021. This followed CL0P’s deployment of ransomware on 31 January 2023 exploiting a vulnerability (CVE-2023-0669) in a different file transfer software, which allowed threat actors to obtain data from 130 organizations.

The targeted file transfer service was a common vendor across numerous merchants including financial services and institutions, retail, education, healthcare as well as other merchant sectors and industries.

Additionally, the report identified North America as the most impacted region in terms of ransomware/data breach incidents impacting the payments ecosystem. The North America region experienced nearly three times the number of ransomware attacks compared to the Europe region, which experienced the second highest level of incidents based on Visa PFD ransomware incident tracking.

Find out more here.