Global ransomware attacks have witnessed a significant rise in February 2024, with a 46% increase compared to January, according to NCC Group's February Threat Pulse. The report highlights a total of 416 cases in February, up from 285 in the previous month, marking a continued upward trajectory in attack volume over the last three years.
LockBit 3.0 maintained its dominance as the most active threat group, responsible for 110 cases (33%), nearly double its attacks in January. Newcomers Hunters and Qilin have rapidly ascended the ranks, securing second and third positions with 10% and 9% of cases, respectively. BlackCat, a familiar name among active threat groups, shared third place with Qilin, each accounting for 30 cases (9%).
North America and Europe remained the primary targets, experiencing over 85% of the total ransomware attacks, with North America seeing a 27% increase to 230 cases and Europe witnessing a 64% rise to 123 attacks in February.
The industrial sector continued to be the most targeted, accounting for 32% (134) of the attacks, followed by Consumer Cyclicals and Consumer Non-Cyclicals, highlighting the broad impact of ransomware across various industries.
The report also shed light on the emergence of new ransomware groups, with over ten new groups appearing in 2024, as observed on a Russian forum catering to ransomware-related activities. This trend points to a potential shift in the ransomware landscape, with smaller Ransomware-as-a-Service (RaaS) operators becoming more active and harder to detect.
Matt Hull, global head of Threat Intelligence at NCC Group, commented on the evolving ransomware landscape: "Recent law enforcement activity has the potential to polarize the ransomware landscape, creating clusters of smaller RaaS operators that are highly active and harder to detect due to their agility in underground forums and markets." Hull emphasized the importance of maintaining vigilance and a proactive approach to defending against ransomware threats, regardless of the size of the attacking groups. NCC Group remains committed to ongoing research into the dynamics of ransomware groups and sharing valuable intelligence and insights to help organizations stay ahead of emerging threats.