After closely monitoring the most active ransomware groups in 2022, the KrakenLabs team at Outpost24 are sharing their latest report that delves deep into the significant ransomware trends, threat groups, victim profiles, and motives behind these attacks from the past year. In total, the researchers identified 2,363 disclosed victims by various ransomware groups on Data Leak Sites (DLS) in 2022.
Key facts from the report include:
- Most active ransomware groups: Existing entities like LockBit, BlackCat, Hive, and Karakurt have demonstrated exponential growth and have surpassed previous records despite the disappearance of prominent threat groups such as CONTI and the old REvil
- Most attacked countries: From the 101 different countries that registered victims, 42% of them are from the United States. The UK second on the list followed by Canada, Germany, and France. In fact, 28% of victims were from Europe.
- Worst offender: Last year, the ransomware group known as LockBit exhibited a significantly higher level of activity compared to other groups. They were responsible for 34% of all recorded attacks in 2022.
- Sector most at risk: While critical infrastructure sectors accounted for just over half of the attacks perpetrated (51%), construction was the most targeted sector overall.