SECTION 01
RANSOMWARE INSIGHTS
Figure 1: Global Ransomware Attacks by Month
As we continue into Q2, the pattern which was established in last month’s Threat Pulse – generally speaking ransomware activity will increase each year until a more lucrative opportunity presents itself to Organised Crime Groups (OCGs) – can continue to be observed. Despite the dip in March of this year when activity levels were lower than in March 2023, 421 observed attacks compared to 459, every month in 2024 has observed higher levels of ransomware activity than in 2023. In April’s edition, one reason we attributed to the lower- than-expected levels of ransomware activity was the massive drop-in activity from LockBit 3.0. This was likely due to their targeting by law enforcement agencies in February. Although they are once again the most active group for May, with nearly 100 more attacks than was recorded in May 2023, there is still some consternation amongst the cybercriminal community as to whether or not to get involved with the group. Any threat actor touched by the long arm of law enforcement is treated with suspicion after the fact, and sometimes their reputation never recovers. There is some speculation that LockBit has not actually managed to recover their operations fully but is instead reposting old victims in an attempt to put forth an image of imperturbability.
Until the status of LockBit, their activity, and their affiliates is more clearly understood, we will be taking their claims at face value and reporting on what victims are found on their leak site. For those organisations that feel they could benefit from in-depth ransomware insights, which is a threat that has only continued to significantly rise in prevalence and sophistication over the past few years, we point you towards our Enhanced Threat Intelligence Subscription Service. This package gives clients access to our Premium Threat Pulses, Threat Monitor Reports, and Threat Intelligence Alerts – reported within 24 hours - for significant vulnerabilities and cyber campaigns. For Ransomware Insights specifically, we elaborate on the most targeted sectors and regions, as well as the most active ransomware groups so organisations can proactively enhance their security posture based on the threat to their specific areas of operation.
4
5
Made with FlippingBook flipbook maker