"Ransomware Rises Despite Law Enforcement Takedowns"

According to security researchers at Mandiant, ransomware activity increased in 2023 compared to 2022 despite law enforcement operations against prominent ransomware groups, including ALPHV/BlackCat.  During the study, the researchers observed a 75% increase in posts on ransomware groups’ data leak sites (DLS) in 2023 compared to 2022.  In total, victims on DLS spanned more than 110 countries.  During 2023, ALPHV/BlackCat and LockBit were the most frequently observed ransomware groups.  The researchers also discovered that 2023 saw more than 50 new ransomware variants.  The researchers noted that the proportion of new variants compared to families increased, with around one-third of new families observed in 2023 being variants of previously identified ransomware families.  The researchers said that this suggests that threat actors are using their time and resources to update pre-existing ransomware families rather than creating new families from scratch.  The researchers also found that threat actors have increased reliance on remote management tools in ransomware operations.  These tools were used during approximately 41% of intrusions in 2023 compared to 23% of intrusions in 2022.

Infosecurity Magazine reports: "Ransomware Rises Despite Law Enforcement Takedowns"