Warning of summer surge in ransomware attacks

Ransomware attacks in June spiked by a whopping 221% year-on-year, according to the latest report from NCC Group.

The summer surge in ransomware follows separate warnings from earlier this year that ransomware attacks were once again on the rise.

Recommended: Read our guide to “What is ransomware?”.

NCC Group’s Monthly Threat Pulse reports that there were 434 ransomware attacks in June, up from 135 attacks in June 2022. It points the finger at the Russian-speaking Clop group for more than a fifth of those attacks.

Clop has been actively exploiting a SQL injection vulnerability in the MOVEit file transfer software, which was patched earlier this month. Clop has reportedly used the exploit to attack more than 200 organisations in recent months, affecting 17.6 million individuals, according to threat analyst Brett Callow.

“The considerable spike in ransomware activity so far this year is a clear indicator of the evolving nature of the threat landscape,” said Matt Hull, global head of threat intelligence at NCC Group.

“The better-known players, such as Lockbit 3.0, are showing no signs of letting up, newer groups like 8base and Rhysida are demonstrating what they’re capable of, and Clop has exploited a major vulnerability for the second time in just three months.”

Ransomware targets

The industrial sector is the biggest target for ransomware attacks, according to NCC Group, accounting for around a third of attacks. Consumer cyclicals (12%) and technology (11%) are the next two biggest targets.

In terms of geographical location, North America is seeing the bulk of the attacks, with just over half of the total in June. Europe (27%) and Asia (9%) follow behind.

2023 is fast becoming the year of ransomware. The Thales Data Threat Report issued in April claimed that 48% of IT professionals had seen a rise in ransomware attacks, with 22% of organisations reporting they had been a victim of an attack in the past year.

Exploitation of a known vulnerability was blamed for just over a fifth of those attacks, showing how reliant businesses are on software vendors securing their products.

The Thales report found that only half of companies have a formal ransomware response plan and that two-thirds of ransomware victims had suffered a degree of data loss.

Avatar photo
Barry Collins

Barry has 20 years of experience working on national newspapers, websites and magazines. He was editor of PC Pro and is co-editor and co-owner of BigTechQuestion.com. He has published a number of articles on TechFinitive covering data, innovation and cybersecurity.