Ransomware in Q3 2023 was analyzed in a recent GuidePoint report. The report found a nearly 15% increase in ransomware activity since Q2 due to an increased number of ransomware groups, including 10 new emerging groups tracked during this quarter. Through the first three quarters of 2023, the report found an 83% YoY increase in ransomware victims.

According to the report, the manufacturing and technology industries were the first and second most impacted by ransomware, followed by retail & wholesale as the third most impacted. Retail & wholesale experienced a steady increase in observed victims throughout the year, jumping from 9th place with 38 victims in Q1 to its current spot in the top three with 98 victims.

While U.S.-based organizations saw an increase in total observed victim count in Q3 2023, the percentage of attacks directed against U.S.-based organizations decreased by 3.3%, reflecting a marked increase in attacks impacting other nations. In particular, United Kingdom-based organizations saw an increase from 59 victims in Q2 to 83 in Q3, an approximate 40.7% quarter-over-quarter increase.

The top three most active ransomware groups were Lockbit, Clop and Alphv. LockBit posted roughly the same number of victims in Q2 as in Q3, totaling 770 victims for the year thus far. Clop activity in Q3 stemmed almost entirely from its mass exploitation of a vulnerability in the MOVEit managed file transfer software, which resulted in a 5% total increase in victims from Q2 to Q3. 

Read the full report here.