Ransomware attacks surging after a briefish end of year pause

April 30, 2022 |

Ransomware attacks have surged early this year according to databreach today with Cybercrime: Ransomware Attacks Surging Once Again based on a report by the NCC Group.  it’s findings are that:

  • Ransomware attacks increased 53% compared with February, representing continued growth since the start of the year
  • The most targeted sectors continue to be Industrials (34%), Consumer Cyclicals (21%), and Technology (7%)
  • The most targeted regions were North America (44%) and Europe (38%) – a return to the usual split after seeing both regions with a similar number of victims in February
  • The most prolific ransomware variants were again Lockbit 2.0 (96 victims) and Conti (71 victims)

An interesting, and worrying development, is that the percentage of data being restored after paying the demanded ransom has dropped.  On average only 61% of the data is restored whereas 65% was restored in 2020. the key caveat to reporting on ransomware is that the figures are notoriously spongey.  Many affected businesses don’t report attacks if they pay the ransom.

To show that the threat is real in the US the ransomware group going by the name Conti posted on the dark web data belonging Elgin County which had been hit by a ransomware attacked.  Yesterday Austin Peay State University admitted to being a victim of a ransomware attack.  This is the twelfth US institute of higher education being successfully targeted by ransomware gangs this year. Data was stolen in at least 10 of the incidents. Additionally, at least 9 US school districts with 234 schools between them have been hit. Last year, 26 universities/colleges and 58 districts with 1,681 schools were hit. 

A new ransomware gang, Black Basta has successfully attacked at least 12 companies in the last few weeks.  Their modus operandi is post data on the ‘Black Basta Blog’ or ‘Basta News’ Tor site of those who have not paid the ransom. Black Basta slowly leaks data for each victim to try and pressure them into paying a ransom. It is a grimly effective form of extortion. 


Leave a Reply

Verified by MonsterInsights