A report from NCC Group highlights a significant increase in ransomware attacks following a temporary decline. In July, the groups led by Lockbit were the most active, carrying out 62 incidents, followed by Hiveleaks with 27 incidents and BlackBasta with 24. These numbers represent dramatic increases of 440% and 50%, respectively, for Hiveleaks and BlackBasta from June, indicating a coordinated reactivation of criminal operations. The report suggests that these groups are direct continuations of Conti, now operating under new identities following the dismantling of the original structure. Experts believe that the increase in activity is related to structural changes within the organization and the reorganization of Conti’s operational cells across different jurisdictions.
Ransomware Attacks Are on the Rise
Summary: An NCC Group study reveals that ransomware attacks are experiencing an increase, led by the group Lockbit and its allies Hiveleaks and BlackBasta.
Key facts
- Lockbit led the ransomware attack incidents in July with 62 incidents.
- Hiveleaks and BlackBasta significantly increased their activities since June.
- These groups are associated with Conti, now operating under new identities.
Why it matters
This increase in ransomware attacks represents a significant risk for organizations, especially given the heightened activity of groups like Lockbit and their allies. Experts recommend staying alert and implementing prevention and response measures.
@threatpost
Embedded content for: Ransomware Attacks Are on the Rise