top of page
Search

Ransomware Attacks are on the Rise



Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.


After a recent dip, ransomware attacks are back on the rise. According to data released by NCC Group, the resurgence is being led by old ransomware-as-a-service (RaaS) groups.

With data gathered by “actively monitoring the leak sites used by each ransomware group and scraping victim details as they are released,” researchers have determined that Lockbit was by far the most prolific ransomware gang in July, behind 62 attacks.


That’s ten more than the month prior, and more than twice as many as the second and third most prolific groups combined. “Lockbit 3.0 maintain their foothold as the most threatening ransomware group,” the authors wrote, “and one with which all organizations should aim to be aware of.”

Those second and third most prolific groups are Hiveleaks – 27 attacks – and BlackBasta – 24 attacks. These figures represent rapid rises for each group – since June, a 440 percent rise for Hiveleaks, and a 50 percent rise for BlackBasta.

It may well be that the resurgence in ransomware attacks, and the rise of these two particular groups, are intimately connected.

Why Ransomware Has Bounced

Researchers from NCC Group counted 198 successful ransomware campaigns in July – up 47 percent from June. Sharp as that incline may be, it still falls some ways short of the high-water mark set this Spring, with nearly 300 such campaigns in both March and April.

Why the Flux?

Well, in May, the United States government ramped up its efforts against Russian cybercrime by offering up to $15 million for prized information about Conti, then the world’s foremost ransomware gang. “It is likely that the threat actors that were undergoing structural changes,” the authors of the report speculated, “and have begun settling into their new modes of operating, resulting in their total compromises increasing in conjunction.”

Hiveleaks and BlackBasta are the result of that restructuring. Both groups are “associated with Conti,” the authors noted, Hiveleaks as an affiliate and BlackBasta as a replacement strain. “As such, it appears that it has not taken long for Conti’s presence to filter back into the threat landscape, albeit under a new identity.”


 
 
 

Comments

We understand you may need help with more than just Managed IT Services. That’s why we’ve expanded our offerings. We’re happy to offer Managed IT Services – but we’re even happier to take the much-needed care of your business technology entirely off your plate. Ready to learn more about our competitive pricing and packages? ​Contact us today so we can schedule a free onsite Network Analysis and Risk Assessment of your network infrastructure, servers, and workstations.

LATEST BLOG

CONTACT US

UNDERSTANDING IT

Learn more about Unique Solutions and what we can offer for your business.

(888) 417-5155

Unique Solutions MSP, Inc.

South Western Idaho

372 S Eagle Rd., #305

Eagle ID, 83616

Southern California

31805 Temecula Parkway, #248

Temecula, CA 92592

IT can be a complicated thing - trust us, we know. With so much terminology and moving parts to keep track of, there are a lot of concepts that can be tricky to grasp without a little guidance. We’re here to provide this guidance with a few brief guides to key IT topics.

Login to view our member area, member forum, and Newsletters! 

bottom of page