NCC’s monthly network report shows that Hive has replaced BlackCat as one of the most prominent ransomware groups.
NCC’s March Cyber Threat Conflict Report was officially made available this morning and found that the rate of ransomware attacks is increasing and that there may be a new group of threats to watch for in the future. Ransomware attacks increased by more than 50% from February to March, and Hive was identified as the third most active hacking group in the last month.
A new group of ransomware to watch out for?
A new hacking collective at the forefront of the ransomware field is Hive, which has replaced Black cat in the third active group. Hive saw an 188% increase in the number of attacks compared to February, showing the most growth in the rate of attacks in the previous month. Hive, like Lockbit 2.0 and Conti, focuses on the industry sector with the majority (34.6%) of its attacks, but in contrast to those two groups also target the educational services sector. and academia (15.38%) in ransomware implementations.
The number of incidents reported in March increased from 185 to 283, or 53% over a one-month period. As was the case in February, Lockbit 2.0 and Conti continued to be the most active threats in the past month. Lockbit 2.0 carried out 96 attacks during this time period, while Conti was responsible for 71 attacks and a 115% increase in activity last month.
This increase from February is attributed to a slower winter break by the NCC Team as the two groups increase attack speed back to normal levels. Both groups primarily target industries, such as construction and engineering, along with consumer cycles during this period.
SEE: Mobile device privacy policy (TechRepublic Premium)
Ransomware attacks by region and sector
North America continues to be the most targeted region in the world when it comes to ransomware attacks, as 44% of reported incidents take place in this region. North America also experienced the largest increase in the number of attacks, from 78 to 122 reported last month. The US in particular has seen a 48% increase in ransomware deployments, from 73 to 108, which also accounts for almost 90% of all reported attacks in the region.
Following North America, the cyberattack rate in Europe fell 5% to 37.9% in March, good for second place in the world. Finally, Africa had the highest percentage of increased attacks (700%) but only seven additional attacks from February (one) to March (eight).
When broken down by sector, industry continues to be the biggest loser when it comes to ransomware attacks. Out of all reported incidents, industry ranked as 34% of ransomware victims, followed by consumer cyclical (20.8%). NCC Group expects these two areas to continue to be targeted by malicious actors and urges those in these areas to prepare for any potential attacks because of the total number of reported incidents. continued to increase after the winter holidays. The risks posed to both customers and customers in these two areas signal a greater urgency to restore service while limiting potential damage and costs.
