There were 514 ransomware attacks in September 2023 alone, making it a record month for this type of cybercrime, new figures from NCC Group claim.
According to the report, it was not only a record breaker when it came to the number of attacks, but also when it came to the number of attackers. The only month that even remotely came close in 2023 was March, and that month had 459 attacks. At the time, most of the reported attacks were the result of the MOVEit Transfer incident, carried out by the (apparently) Russian group Cl0p.
This time, Cl0p was almost inactive, while three other groups dominated the “charts”: LockBit 3.0 with 79 attacks, LostTrust with 53 and BlackCat with 47. If you don’t know who LostTrust is, you can be excused, because this is a relatively new one player on the board. In its article, BleepingComputer said that LostTrust may be a rebrand of MetaEncryptor, as the code for both overlaps significantly.
4,000 attacks
Other notable mentions include RansomedVC. In addition to the usual threat of data breaches, this group also threatens to report the victim to the national data protection regulator, as the breach would effectively mean the victim is in breach of the General Data Protection Regulation (GDPR). RansomedVC successfully compromised 44 victims.
Furthermore, every fifth attack in September was carried out by a newcomer. The majority of attacks occurred in North America (50%), followed by Europe (30%) and Asia (9%). The attackers were most interested in the industrial sector (169 attacks), consumer industry (94 attacks) and technology (52).
So far this year, there have been almost 3,500 attacks in total, says NCC Group, suggesting we’ll likely surpass (or at least get close to) the 4,000 mark by the end of the year.
Through BleepingComputer