2nd Edition

Tracking the trends and news for IT and IT Security

Paul

Ransomware attacks take slight dip in 2022 as threat actors evolve and explore new tactics – NCC Group Annual Threat Monitor Report

b5612734b6d3963ed338da15fb7085.png?1671010705Ransomware attacks take slight dip in 2022 as threat actors evolve and explore new tactics â NCC Group Annual Threat Monitor Report>
Global Security Mag – NCC Group
Global cyber security and risk mitigation expert NCC Group monitored a slight decrease of 5% in ransomware attacks between January â December 2022 with 2,531 attacks, according to its 2022 Annual Threat Monitor Report.

Although there were slightly less attacks than 2021, there was a notable surge in ransomware attacks between February and April, coinciding with the start of the Russia-Ukraine conflict when prominent threat actor LockBit ramped up activity.

LockBit claimed the âtop spotâ for most active threat actor in 2022, responsible for 33% of all monitored ransomware attacks (846), a 94% increase on its 2021 activity (436 attacks). The groupâs activity peaked in April with 103 attacks, ahead of the launch of a new ransomware software and rebrand to LockBit 3.0.

BlackCat accounted for 8% of the total attacks in 2022. With a quiet start in December 2021 (4 attacks), the group went on to average 18 attacks each month, with a peak of 30 incidents in December 2022. Leading threat actor of 2021, Russia affiliated, Conti reduced attack levels dramatically to just 7% of all recorded (21% in 2021), with no attacks monitored from June onwards. This reduction in activity coincided with the introduction of new group BlackBasta, believed to be associated with â or a replacement for â Conti.

The most targeted sectors in 2022 were Industrials* with 804 victim organizations (32%), followed by Consumer Cyclicals** with 487 (20%) and Technology*** with 263 (10%).

North America and Europe suffered the most ransomware attacks in 2022. North America bore the brunt, with 44% of all incidents (1,106), a 24% decrease on 2021âs figures (1,447).

Europe observed 35% of all incidents, with an 11% increase in attack numbers, witnessing 896 in 2022 as compared to 810 in 2021. It was potentially influenced by surges in activity associated with the Russia-Ukraine conflict in the first half of the year.

NCC Group observed 230,519 DDoS events across 2022 with an astonishing 45% targeted at the United States, 27% of which occurred in January.

This early surge in DDoS attacks and botnet-led breaches reflects greater turbulence within the wider cyber threat landscape, in part influenced by the Russia-Ukraine conflict. DDoS continues to be weaponized by both criminal and hacktivist groups as part of the conflict, alongside disinformation campaigns and destructive malware, to cripple critical national infrastructure in Ukraine and beyond.

Often garnering less attention than their ransomware counterparts business email compromise (BEC) attacks are clearly a growing threat organizations must pay attention to, and represented 33% of all incidents observed by NCC Groupâs Cyber Incident Response Team (CIRT).
Link: https://www.globalsecuritymag.com/Ransomware-attacks-take-slight-dip-in-2022-as-threat-actors-evolve-and-explore.html

Categories:

Tags: