"Ransomware Activity Resurges in Q2"
Security researchers at Digital Shadows have discovered that ransomware activity rose by a fifth in the last quarter. The researchers monitored almost 90 data leak sites on the dark web and observed ransomware groups named 705 victims in Q2 2022, representing a 21% increase over last quarter’s 582. This was a resurgence in activity following a 25.3% decline quarter-on-quarter during Q1. The researchers stated that the LockBit ransomware group overtook Conti in victim numbers as Conti ceased operations following the leak of internal chat logs. Conti had reached almost 900 victims during its operations, but LockBit is now closing in on 1000 after a 13% growth in activity during the quarter. At around 230, Lockbit’s quarterly victim numbers far exceeded any other group in Q2. It was accountable for almost a third of all postings to leak sites in Q2. Conti, which had limped along for several weeks after its own data leak, managed just over 50. In third place was Alphv, which grew 118% during the quarter. Basta came in fourth. The researchers stated that industrial goods and services were by far the hardest hit sector in Q2, accounting for almost a fifth of all attacks at 18.4%. Technology came second, at 8.7%, followed by construction (7.9%), healthcare (6.4%), and government (5.5%). The US was the most targeted region, accounting for almost 40% of all incidents. Germany and the UK followed in second and third place.