April 21, 2023

According to the latest monthly threat analysis from the NCC Group’s Global Threat Intelligence Team, ransomware assaults have increased dramatically.

The research says ransomware assaults increased 91% in March compared to February, and 62% compared to the same month last year. This is the most monthly ransomware assaults the organisation has ever reported.

Cl0p, a Russian-linked firm that specializes in double extortion, was the most active threat actor in March, accounting for 28% of all victims. Cl0p has been active since 2019 and is notorious for stealing data and threatening to reveal it unless a ransom is paid. Cl0p has topped the list of Ransomware-as-a-Service (RaaS) providers for cybercriminal gangs for the first time.

LockBit 3.0 was the second most active attacker, accounting for 21% of all assaults, while the non-aligned attack group Royal was the third most active, with a 106% increase in attacks in March compared to February.

In terms of geography, North America received about half of the attention in March, followed by Europe and Asia. Last month, the industrial sector was the most targeted, accounting for 32% of all attacks. Consumer cyclicals and technology were in second and third, with 13% and 12%, respectively. The number of victims in professional and commercial services climbed by 120% inside the industrial sector, while assaults on machinery, tools, heavy vehicles, railways, and ships increased by 127%. Construction and engineering sector attacks climbed by 16%.

In terms of geography, North America received about half of the attention in March, followed by Europe and Asia. Last month, the industrial sector was the most targeted, accounting for 32% of all attacks. Consumer cyclicals and technology were in second and third, with 13% and 12%, respectively. The number of victims in professional and commercial services climbed by 120% inside the industrial sector, while assaults on machinery, tools, heavy vehicles, railways, and ships increased by 127%. Construction and engineering sector attacks climbed by 16%.

The sources for this piece include an article in TechRepublic.