While global ransomware attack volumes saw a slight 2% decline in November, new data from NCC Group reveals a significant evolution in attacker tactics and increased collaboration between criminal groups, signaling an escalating threat despite the marginal dip, reports Security Brief Australia.
The consultancy recorded 583 incidents, noting a sharp 517% surge in the "ClickFix" technique, a social engineering method that manipulates users into manually executing malicious actions using legitimate system tools to bypass automated security controls.
Concurrently, ransomware gangs like DragonForce are forming alliances with skilled affiliates from groups such as Scattered Spider, enabling them to rapidly adapt their methods across different industries. The industrials sector remained the most targeted (25% of attacks), followed by consumer discretionary and information technology, reflecting a continued focus on complex supply chains.
While the Qilin group maintained its position as the most prolific actor, the CL0P gang exhibited a dramatic 654% month-over-month increase in activity.
The consultancy recorded 583 incidents, noting a sharp 517% surge in the "ClickFix" technique, a social engineering method that manipulates users into manually executing malicious actions using legitimate system tools to bypass automated security controls.
Concurrently, ransomware gangs like DragonForce are forming alliances with skilled affiliates from groups such as Scattered Spider, enabling them to rapidly adapt their methods across different industries. The industrials sector remained the most targeted (25% of attacks), followed by consumer discretionary and information technology, reflecting a continued focus on complex supply chains.
While the Qilin group maintained its position as the most prolific actor, the CL0P gang exhibited a dramatic 654% month-over-month increase in activity.



