CyberCube, a cyber risk analytics company, found cybercriminals could target up to 70,000 outdated VMware ESXi servers as part of the "ESXiArgs" ransomware campaign.
The discovery comes after thousands of companies in North America and Western Europe reported cyberattacks relating to the ESXiArgs campaign in February 2023.
During the ESXiArgs campaign, threat actors have been encrypting configuration files on vulnerable ESXi servers, CyberCube noted. When cybercriminals do this, they can render end-users' virtual machines (VMs) unusable.
To date, more than 2,000 servers have been infected by the ESXiArgs ransomware, CyberCube reported. In addition, most of the compromised ESXi servers are located in France and Germany. At least a dozen universities also have been impacted by the ransomware.
Ransomware Attacks in 2022: What MSSPs Need to Know
CyberCube's discovery comes after more than 200 large organizations in the United States indicated they suffered a ransomware attack in 2022, security provider Emsisoft stated in its State of Ransomware in the U.S. report. These organizations included local governments, schools and healthcare providers.
Meanwhile, Emsisoft indicated that the number of ransomware attacks remained relatively consistent in 2022 in comparison to the three previous years. However, this also showed that the volume of ransomware attacks have not declined over the prior three years.
World Leaders Work Together to Combat Ransomware
The White House in 2022 hosted its second International Counter Ransomware Initiative Summit to bring world leaders together to find ways to disrupt cybercriminals as they try to develop and execute ransomware attacks. Government officials continue to look for ways to combat ransomware attacks as well.
MSSPs can use threat detection and response tools from SpyCloud and other cybersecurity companies to help their customers guard against ransomware attacks. They also can teach their customers about ransomware attacks and the dangers associated with them and help them identify the best ways to protect their IT infrastructure against these attacks.