Ransomware Surge As Dangerous New Gangs Take Over, Leaks Reveal

Cybersecurity Ransomware Surge As Dangerous New Gangs Take Over, Leaks Reveal Davey Winder Senior Contributor Opinions expressed by Forbes Contributors are their own. Co-founder, Straight Talking Cyber New! Follow this author to improve your content experience. Got it! Jul 13, 2022, 04:00am EDT | Share to Facebook Share to Twitter Share to Linkedin According to a new report into ransomware across the second quarter of 2022, it would appear that far from being on the decline, ransomware really is back in business.

Dangerous new gangs have emerged to take over from busted criminal groups and account for a worrying surge in successful ransomware attacks. MORE FROM FORBES Microsoft Downplays ‘High-Risk’ Edge Security Warning For 150 Million Users By Davey Winder The newly published Digital Shadows Q2 Ransomware Report analyzed threat actor activity on ransomware data-leakage sites and channels among other things. Ivan Righi, a senior threat intelligence analyst at Digital Shadows, found the second quarter of 2022 to have been both significant and highly active as far as ransomware gangs are concerned.

This was terrible news for at least 705 organizations because that’s the number that were actually compromised. Conti kiboshed, dangerous new players enter the ransomware arena In sharp contrast to the first quarter of the year, which saw a decline in successful ransomware activity, quarter two revealed a rise of 21%. This despite some of the most notorious criminal organizations, such as Conti, for example, eventually ceasing operations.

Successful Conti ransomware incidents were unsurprisingly, therefore, down by 37. 4% from the previous quarter. “Dangerous new gangs emerged,” Righi says, with ransomware actors continuing to “develop and evolve their tactics.

” Indeed, Digital Shadows has seen evidence of new tools being used for both initial access and attack continuation. MORE FROM FORBES VETTED 21 Amazon Prime Day Robot Vacuum Deals That Are Already Live By Sholeen Damarwala Forbes Staff 36 Prime Day Competitor Sales With Way Better Deals Than Amazon By Ciannah Gin Forbes Staff MORE FROM FORBES Google Warns Of Serious New Chrome Hack Attack Targeting Windows & Android By Davey Winder The LockBit threat actors have proved to be the successor to Conti in many ways, not least already overtaking that group in the total numbers of victims: Conti had shy of 900 over its lifetime, and LockBit is not far off 1,000 already. Regarding the quarterly report, LockBit was by far the most active, being involved in some 33% of all the successful ransomware attacks listed on those data-leak channels.

Of the 705 victims referenced in this analysis, LockBit accounted for the compromise of 231 of them. LockBit is dominating the ransomware threatscape Digital Shadows With the release of LockBit 3. 0, the criminal group announced a bug bounty program offering cash rewards for exploits related to high-value targets and pay-outs starting at $1,000.

The good news is that it appears there haven’t been many takers. Righi spotted threads on a Russian language cybercrime forum where the bounties on offer were dismissed as being too low, and doubt was expressed if anyone would actually get paid anyway. Ransomware attacks by country and sector By sector, industrial goods and services was the most targeted, with twice the number of attacks compared to technology in second place.

By country, the U. S. was far and away the most targeted nation, with the numbers of victims accounting for a whopping 38.

9% of the total. While Germany in second place and the United Kingdom in third saw the numbers of attacks increasing, the victim numbers for each were but a fraction of the U. S.

totals. What should you and your organization take away from this report? The answer is that now is certainly not the time to drop your guard against ransomware threats. What this means, in practical terms, is getting the basics of security hygiene right: monitor and patch all the things, get on top of multi-factor account authentication, employ network segmentation and make sure employees know what threats to look out for in their day to day online interactions.

MORE FROM FORBES Law Enforcement Email Opens Floodgate For Police Hackers By Davey Winder Follow me on Twitter or LinkedIn . Check out my website or some of my other work here . Davey Winder Editorial Standards Print Reprints & Permissions.