Cyble Research & Intelligence Labs (CRIL) closely monitors, tracks, and analyzes current and emerging ransomware threats across the globe. This report compendiously presents critical ransomware statistics and trends, major attacks, and common Tactics, Techniques, and Procedures (TTPs) observed in Q2-2023 to preempt the associated risks of the Ransomware Groups discussed herein.
This report encapsulates the following major findings from Q2-2023:
- 1,298 victims were publicly disclosed by ransomware groups, with United States (US) corporations continuing to be the most affected.
- Italy and Germany witnessed a steep increase of 294% and 119%, respectively, in ransomware attacks.
- The majority of high-income organizations were targeted in the Professional Service, IT & ITES, and Construction sectors.
- As predicted, IT & ITES and BFSI emerged within the 5-most impacted sectors in this quarter.
- We observed the emergence of over 20 new ransomware groups in Q2-2023, a significant spike of 30% in the formulation of new ransomware groups compared to Q1-2023.
- LOCKBIT claimed 5% fewer attacks compared to Q1-2023 but remained the most deplorable ransomware group, targeting 252 entities in Q2-2023.
- CL0P ransomware group, after targeting numerous organizations with GoAnywhere vulnerability in Q1-2023, continued to mass exploit MOVEit vulnerability in Q2-2023.
- Capricious techniques of ransomware groups in Q2-2023 provide further insights into their operations and indications about the evolving ransomware threat landscape in the year ahead.