Without Conti on the Scene, LockBit 2.0 Leads Ransomware Attacks
Analysts say an 18% drop in ransomware attacks seen in May is likely fleeting, as Conti actors regroup.
A 18% drop in ransomware attacks in May is probably the result of Conti's shutdown, but the actors are regrouping under other brands, including KaraKurt, Black Byte, Hive, and Black Basta, analysts said.
The latest report from NCC Group's threat intelligence team shows LockBit 2.0 maintained its top spot among ransomware groups, launching 40% of all attacks in May. Black Basta, which was discovered in April, along with Hive were behind 7% of attacks last month.
“Conti’s possible shutdown represents a significant change for the ransomware threat landscape, and it cannot go ignored," said Matt Hull, global lead for strategic threat intelligence at NCC Group, in a statement announcing the ransomware attack report findings. "It will be interesting to see which smaller groups replace it as it rebrands, and how these new or evolved actors will behave – which NCC Group will of course continue to monitor.”
The findings also show industrial and critical infrastructure remain an attractive target. The sector was on the receiving end of 31% of attacks in May, followed by consumer cyclicals at 22% and technology at 12%.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024