Recent ransomware attacks were analyzed in a report by NCC Group. The volume of ransomware attacks remained at record highs with 352 attacks in April, the second-highest month on record, according to the report. April’s high level of activity, largely attributed to the top three threat actors, is only surpassed by March’s figures of 459 attacks, which was the result of Cl0p’s exploitation of the GoAnywhere MFT.
In April, the top three most-active threat actors Lockbit 3.0, BlackCat and BianLian were responsible for 58% of overall ransomware activity monitored in April. Lockbit 3.0, the most active threat group of 2023, launched 107 out of the 352 attacks monitored, a 10% increase from March. BlackCat (50) and BianLian (46) increased their activity by 67% and 59% respectively. BlackCat’s attack on digital storage device giant Western Digital garnered significant attention, with the group claiming to have stolen 10 terabytes of data and demanding an 8-figure ransom.