Report: Ransomware Attacks Increase In February After Quiet December, January | #malware | #ransomware

Ransomware attacks continue to increase, with NCC Group reporting a nearly 53% rise in ransomware incidents last month.

According to the cybersecurity and risk mitigation firm, ransomware attacks increased from 121 in January to 185 in February, with industrials, consumer cyclicals and technology the most targeted sectors.

This NCC report comes after the organization reported a seasonal reduction in ransomware behavior across December and January, but echoes similar increases seen from early 2021, when ransomware attacks jumped 55.1% from January and February 2021.

NCC Group says Lockbit 2.0 remains the most persistent ransomware group, making up 42.2% of all attacks, with industrials the most targeted sector by the hackers, making up 30.77% of the group’s total attacks.

The next two most active ransomware groups are Conti (17.8%) and BlackCat (11.4%), with the latter rising from just 5% that they were responsible for in January. NCC Group’s report focused on Conti, which posted a message on its public facing blog site in support of the Russian government, which was changed to distance themselves given the war in Ukraine.

That led to a member of the Conti ransomware group leaking internal information that IT and security professionals have been pouring over since earlier this month.

The report also found that North American and Europe are facing an equal amount of ransomware attacks for the second straight month, which NCC Group characterizes as an “abnormal finding” since North America was historically the most targeted.

Matt Hull, cyber threat intelligence at NCC Group, said security professionals are closely monitoring those patterns to see if European organizations are at increased risk of attack.

On the Conti leaks, Hull doesn’t put much stock into the belief that the group is done and laying low.

“The disruption in Conti activities comes as a welcome change, but with clients continuing to come under new attacks, it is clear that this ransomware variant is still very much in use,” Hull says. “Our Strategic Threat Intelligence team continues to keep an eye on the use of Conti, and as always will provide updates to our customers to help them manage the risk to their organizations.”


Original Source link

Leave a Reply

Your email address will not be published.

9 + one =