RaaS proliferation: 14 new ransomware groups target organizations worldwide

July 25, 2023 – Published on HelpNet Security

In the Q2 2023, GuidePoint Research and Intelligence Team (GRIT) tracked 1,177 total publicly posted ransomware victims claimed by 41 different threat groups.

GRIT’s report shows a 38% increase in public ransomware victims compared to Q1 2023, and a startling 100% increase from Q2 2022. Manufacturing and technology, representing 14% and 11% of impacted industries respectively, continue to be the most impacted industries, a trend that has persisted from GRIT’s observations in 2022 and Q1 of 2023.

The consulting (+236%) and insurance (+160%) industries experienced the greatest relative growth in observed ransomware attacks, contrasted with the relative decline experienced by governments (-61%) and the automotive (-59%) industry.

GRIT again observed an increase in the activity of Ransomware-as-a-Service (RaaS) groups throughout the quarter, attributed to 14 new groups that began operations in Q2 2023. This represents a 260% increase in “First Seen” groups compared to Q1. LockBit’s commanding lead in the Ransomware-as-a-Service (RaaS) economy can be observed across all five of the most impacted industries except healthcare, where it faced competition from Bianlian and Karakurt.

“Q2 2023 continued to highlight the growing ransomware threat facing organizations across the globe, from both established ransomware gangs and emerging or ephemeral opportunistic groups,” said Drew Schmitt, GRIT Lead Analyst.

Read More HERE.