Ransomware activity in September reached unprecedented levels after a relative lull in August, which was still well above normal standards for the summer months. According to NCC Group data, ransomware groups carried out 514 attacks in September. This surpasses activity in March 2023, when there were 459 attacks, and was heavily skewed by Klop’s MOVEit Transfer data exfiltration attacks.

Klopp’s near inactivity in September may indicate that a sophisticated ransomware gang is preparing for the next big attack. However, the record was achieved by other threat groups led by LockBit 3.0 (79 attacks), LostTrust (53) and BlackCat (47).

LostTrust is a new threat that ranks second on the list dynamically.

LostTrust, believed to have been rebranded MetaEncryptor due to its significant amount of code, has already encrypted many organizations’ networks, some of which have suffered data breaches. RansomedVC, a newcomer to blackmail attacks using GDPR reporting threats, ranks fourth in NCC with 44 attacks. However, it should also be noted that some of the attacks Ransomed claimed were later revealed to be exaggerated.

This means roughly one in five attacks in September resulted from a new ransomware operation; This highlights the aggressiveness and scalability of the attacks.

In terms of target regions, North America received the lion’s share with 50 percent, followed by Europe with 30 percent and Asia with 9 percent.

The most targeted sectors are “industrial” (construction, engineering, business services) with 169 attacks, “consumer cycles” (retail, media, hotels) with 94 attacks, technology (software and IT services, networking, telecommunications) and healthcare with 52 attacks happened. . from 38

The NCC report highlights that close to 3,500 attacks were recorded between January 2023 and September 2023, and the final figure is now likely to be around 4,000 by the end of the year. Another report from Chainaliz earlier this year predicted that 2023 would be a record year for ransomware payments, based on forecast data.

Despite ongoing efforts by law enforcement to curb the growing problem, ransomware remains an evolving threat that bombards organizations with ever-evolving initial access methods and increasingly stealthy tactics and payloads.