MANCHESTER, U.K.–February saw 240 ransomware attacks, a 45% increase over January, according to the Monthly Threat Pulse from LockBit.
The volume of activity is the highest recorded by NCC Group for this period, up 30% over February 2022 (185), and 2021 (185), the company said.
“The considerable rise highlights the growing threat of ransomware attacks, as the threat landscape continues to evolve,” NCC Group said.
According to NCC Group’s analysis, LockBit 3.0 drove the majority of February’s ransomware activity, with 129 ransomware attacks (54%). It marks a 150% spike in the group’s activity compared to January (50 victims), including an attack on U.K. mail delivery service, Royal Mail, NCC group said.
The group was a driving force behind a rise in attacks on the Consumer Non-Cyclicals (12 victims) sector, while Industrials (43) and Consumer Cyclicals (20) were its most targeted, the report added.
Other Findings
Additional findings in the report include:
- BlackCat (13%) was the second most active threat actor, followed by relatively new threat actor, BianLian (8%), with 20 victims. “Despite this sharp spike in activity, their level of attacks in February is still less than it was in December 2022, indicative of BinLian’s usual pattern of activity, whereby it has peaks and troughs throughout the year,” NCC Group said.
Threats by Regions & Sectors
According to NCC Group:
- North America (47%) was the target of almost half of February’s activity, with 113 victims. Europe (23%), and Asia (15%) followed, with 56 and 35 attacks respectively.
- While Industrials (33%) and Consumer Cyclicals (15%) remained the most targeted sectors, LockBit’s targeting of Consumer Non-Cyclicals (8%) - companies in the likes of utilities, healthcare and other consumer staples - escalated it to the top three for the first time, with 20 incidents. This represents a 150% increase in victims in this sector since January.
‘Surge’ in Activity
“In February, we observed a surge in ransomware activity, as expected when coming out of the typically quieter January period,” said Matt Hull, global head of Threat Intelligence at NCC Group. “However, the volume of ransomware attacks in January and February is the highest we have ever monitored for this period of the year. It is an indication of how the threat landscape is evolving and threat actors show no signs of reducing ransomware activities.”