RaaS operations fueling ransomware attacks

Successful ransomware attacks reported in July totaled 198, which was 47% higher than in June, with the increase largely attributed to ransomware-as-a-service groups, Threatpost reports. Most of the attacks were conducted by the Lockbit ransomware gang, with a total of 62 attacks last month, which was an increase of 10 from June, according to a report from NCC Group. Meanwhile, Hiveleaks with 27 attacks and BlackBasta with 24 attacks were the second and third most active groups, respectively, representing a 440% and 50% increase in number of attacks from June. "Lockbit 3.0 maintain their foothold as the most threatening ransomware group and one with which all organizations should aim to be aware of," wrote researchers. NCC Group noted that attacks have begun increasing as ransomware groups finalized their reorganization following the U.S. government's efforts to disrupt Conti ransomware in May, and further increases are expected this month. "It is likely that the threat actors that were undergoing structural changes. and have begun settling into their new modes of operating, resulting in their total compromises increasing in conjunction," said researchers.