According to Jumpsec, attacker-reported ransomware incidents increased 17% annually in the UK last year, despite a global decline in overall volume.
The London-based security vendor has compiled an annual trend report from manual research techniques and automated bots designed to scrape public websites run by ransomware actors.
Data for the first half of 2023 show signs that ransomware breaches will continue to rise this year, it said.
While the National Cyber Security Center (NCSC) had previously predicted that we would see a “more diverse and capable ransomware landscape” following the decline of the prolific Conti group, LockBit has announced that the It seems to have inherited the mantle of the former, both physically and in the UK.
Recent high-profile attacks against Royal Mail, Ion Trading and Pendragon pushed LockBit to more than 30% of all ransomware incidents in the UK in 2022, but accounted for 52% globally. says Jumpsec.
Read more about LockBit: LockBit will dominate 2022 ransomware campaign: Deep Instinct.
“But the total number of attacks is only part of the story. In terms of the financial profiles of the UK organizations targeted, LockBit is not a major threat to the more typically ‘cash rich’ organizations.” said Jumpsec.
‗Karakurt (believed to be an offshoot or rebrand of Conti) has emerged as a threat both in the UK and globally, and has become a leading force in attacks on large UK organizations with cash assets in excess of £20m. It is a cause.”
Elsewhere, vice societies have emerged as a serious threat to the UK education sector, becoming the most targeted industry in 2022, followed by the legal and retail sectors.
However, according to Jumpsec researcher Sean Moran, the identities of different groups are less important than building effective best-practice cyber resilience.
“Threat actors may be operating with multiple ransomware strains, and groups can disappear, rebrand, and reappear with no consequences. It’s often not wise to put weight on the changing fortunes of individual groups,” he argued.
“However, understanding the tactics, techniques and procedures (TTPs) of ransomware groups and their desire to target specific sectors and sizes of businesses can help organizations identify potential vulnerabilities and reduce risk. We hope that it will help us develop effective strategies to mitigate
A SonicWall report earlier this year found that ransomware volumes fell 21% year-over-year globally in 2022, but increased 112% in the UK.
