In May 2024 [1] [2] [3] [4] [5], ransomware attacks surged [1] [2] [3] [4] [5], with LockBit 3.0 reclaiming its position as the dominant threat actor.
Description
LockBit 3.0 launched 176 attacks, a 665% increase from the previous month [2] [3] [4], following a period of inactivity after law enforcement operations dismantled their infrastructure in February 2024 [3]. LockBit’s activity surpassed other prominent groups [3], indicating their determination to persist [3]. Play and RansomHub were also active [1], with Play following closely behind LockBit with 32 attacks. New threat actors like Arcus Media [2] [4], Underground [2] [5], and DAn0N entered the top 10 list [4]. Overall, global ransomware attacks increased by 32% compared to the previous month, with the industrial sector remaining the primary target [3]. The technology sector also saw a notable increase in attacks [3], driven by the value of their data and intellectual property [3]. Phishing attempts using QR codes (quishing) are on the rise [1]. Regional trends showed a decrease in attacks in North America and an increase in Europe [3], South America [1] [2] [3] [4] [5], and Africa [3] [4] [5], possibly due to testing new malware and attack methodologies [3].
Conclusion
The surge in ransomware attacks, particularly by LockBit 3.0, highlights the ongoing threat to organizations worldwide. It is crucial for businesses to enhance their cybersecurity measures to protect against such attacks. The increase in attacks in the technology sector underscores the importance of safeguarding valuable data and intellectual property. The rise of new threat actors like Arcus Media, Underground [2] [5], and DAn0N further complicates the cybersecurity landscape. Moving forward, organizations must remain vigilant and proactive in defending against ransomware attacks to mitigate potential risks and safeguard their operations.
References
[1] https://www.techzine.eu/news/security/121432/return-of-lockbit3-0-causes-spike-in-ransomware-attacks-in-may/
[2] https://securityboulevard.com/2024/06/report-details-reemergence-of-lockbit-3-0-ransomware-syndicate/
[3] https://islainformatica.com/lockbit-actor-de-ransomware-mas-destacado-en-mayo-de-2024/
[4] https://www.infosecurity-magazine.com/news/lockbit-prominent-ransomware-may/
[5] https://siliconangle.com/2024/06/20/lockbit-resurgence-sees-ransomware-attacks-reach-record-high-may/