A recent global ransomware report by Corvus Insurance found that ransomware attack frequency is up 11% from Q2 and increased 95% year-over-year (YoY). According to the report, the single MOVEit vulnerability accounted for 9% of victims listed in Q2 and 13% of victims listed in Q3. 

The report found that ransomware typically follows seasonal patterns, with incidents decreasing in early May and remaining low through early August. Driven largely by CL0P, this year’s dip in attacks occurred later in June and, rather than continuing to fall, spiked and remained high through the first half of August. Even without CL0P, ransomware activity would still amount to a 70% year-over-year increase.

Law practices saw an uptick in attacks due in part to the ALPHV ransomware group, which accounted for nearly a quarter of all victims in this industry (+70%). LockBit tripled its government victims from Q2 to Q3, including mostly cities and municipalities.

Read the full report here.