In September 2023, ransomware attacks reached unprecedented levels, with a staggering 514 victims, indicating a dramatic year-on-year increase of 153% compared to 2022, according to the NCC Group's September Threat Pulse report. This figure surpassed the previous record set in July 2023, which had seen 502 attacks.
Notably, new threat actors have emerged, significantly contributing to this surge in attacks. LostTrust, formed in March, ranked as the second most active group, responsible for 10% of attacks. Meanwhile, the RansomedVC group claimed fourth place with 9% of attacks. These emerging groups have adopted the double extortion tactic commonly used by established threat actors.
North America remained the primary target for ransomware attacks, with 258 incidents, while Europe and Asia followed with 155 and 47 attacks, respectively. This indicates an increasing focus on Western regions by threat actors.
Industrials, Consumer Cyclicals, and Technology sectors were the most targeted, with Industrials accounting for 40% of attacks. Additionally, the healthcare sector witnessed a significant 86% month-on-month increase in attacks, with 18 incidents in September.
A notable newcomer in the threat landscape is RansomedVC, which operates as "penetration testers" but combines extortion with GDPR compliance, putting additional pressure on victims to meet ransom demands. This approach was exemplified by their recent attack on Sony, further highlighting their growing impact.
Matt Hull, Global Head of Threat Intelligence at NCC Group, noted the evolving nature of ransomware attacks and the emergence of new threat actors employing innovative tactics to increase pressure on victims. This trend is likely to continue, with new groups exploring various methods to compel victims to comply with ransom demands and diversify their activities.
###