Ransomware, Threat Intelligence

Ransomware landscape dominated by RansomHub

Nineteen percent of all ransomware attack victims in September were compromised by the RansomHub operation, making it the most active ransomware gang despite only emerging in February, Cybernews reports.

Play, Qilin, Medusa, and LockBit — which was the dominant ransomware operation in 2022 and 2023 before being subjected to law enforcement crackdowns this year — completed the top five, according to an analysis from Check Point.

Operating as a ransomware-as-a-service was noted by researchers to have been beneficial to RansomHub, whose remote encryption attacks mostly targeted the U.S. and Canada, particularly organizations in the industrial manufacturing and healthcare sectors.

Additional findings revealed that the threat landscape's shift to RaaS has reduced the barrier of entry for less sophisticated threat actors, who are expected to mostly target industrial manufacturing, healthcare, and education entities. "Global affiliate networks have democratized cybercrime, driving an alarming increase in attack volume. The future of ransomware shows no signs of slowing down," said the report.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds