A Trend Micro Incorporated report found that many ransomware actors are targeting smaller organizations. According to the report, organizations of up to 200 employees accounted for 57% of LockBit victims and 45% of Black Cat victims in the first half of this year. For Clop, large enterprises accounted for half, with small businesses comprising 27%.

U.S.-based organizations remain a prime target for ransomware operators, with the highest number of ransomware victims in the first half of 2023 and accounting for nearly half of all ransomware attacks. 

Additional findings include:

  • 47% increase in new Ransomware as a Service (RaaS) victims.
  • 11.3% increase in the number of new RaaS groups.
  • LockBit, the top ransomware family since 2022, accounted for 26.09% of total victim organizations, with BlackCat and Clop responsible for 10.59% and 10.09% of attacks, respectively.
  • The banking, retail and transportation sectors were the most targeted in 1H 2023.
  • I.T., healthcare and manufacturing emerged as the most targeted sectors in terms of ransomware file detection.

Read the full report here.