"LockBit 3.0, Black Basta Lead Barrage of Q3 Ransomware Attacks"

According to an Intel 471 ransomware report, there were 27 ransomware variants that carried out 455 attacks in the third quarter (Q3) of 2022, a decrease of 72 attacks from the second quarter (Q2) of 2022. The most common ransomware variants, according to the study, were LockBit 3.0, which was responsible for 42.2 percent of all reported incidents, followed by Black Basta, Hive, ALPHV, and BlackCat. North America and Europe were the most affected regions, and the top targeted sectors included consumer and industrial products, manufacturing, and professional services and consulting. According to the report, the dissolution of the Conti ransomware group likely influenced the overall number of breaches and the positioning of the most impactful ransomware variants in Q3. Beth Allen, senior threat intelligence analyst at Intel 471, says disgruntled affiliates are increasingly affecting ransomware groups, such as this quarter when a disgruntled coder leaked LockBit files containing builder code. This demonstrates that operational security can even be a challenge to well-established affiliate groups. This trend is likely to continue as more affiliates become dissatisfied. The trend will likely create a power vacuum in the cyber underground, spawning a slew of new ransomware variants and groups that will make it increasingly difficult for law enforcement agencies to track and stop them. Businesses are also finding it difficult to defend against these threats due to the variety of tactics, techniques, and procedures (TTPs) employed. Businesses of all sizes are at various stages of readiness when defending against ransomware threats. This is due to the wide range of cybersecurity maturity across all industries. Organizations that neglect or lack adequate cybersecurity are more likely to be victims of ransomware and less prepared to recover from such an incident. According to Allen, the first steps in improving any defense posture are to ensure appropriate backups are in place, test restoring from those backups regularly, limit users' access to their required job role, enforce multi-factor authentication (MFA), and implement network segmentation. This article continues to discuss key findings from Intel 471's ransomware report.

Security Boulevard reports "LockBit 3.0, Black Basta Lead Barrage of Q3 Ransomware Attacks"