Ransomware threats were analyzed in a recent report by Searchlight Cyber. The report shows how one of the biggest ransomware groups (BlackCat) ceased operations, a new gang (RansomHub) emerged in February and quickly established itself as the third most prolific ransomware group, and outlines the effects of devastating attacks executed against organizations.

Other highlights of the report include:

• A 56% increase in the number of active ransomware groups compared to H1 2023, reflecting a diversification of the ransomware landscape.
• LockBit has retained its top position in spite of the disruption of Operation Cronos, though its number of listed victims has decreased compared to H1 2023.
• BlackCat and Cl0p have forfeited their top five rankings, with Play, RansomHub, BlackBasta, and 8Base filling the top slots behind LockBit.
• The emergence of RansomHub, a new ransomware group that quickly established itself as the third most prolific group, despite it emerging in February.
• A decline in the overall number of listed ransomware victims compared to H2 2023, indicating that law enforcement operations may be beginning to curb ransomware activities.
• The continued dominance of the Ransomware-as-a-Service (RaaS) model among the most active groups.

Read the report