The Readable’s subscribers can access a monthly ransomware report by S2W. The report includes specific statistics about ransomware groups and their victims, in addition to the numbers of newly opened data leak sites by ransomware groups. By reviewing these numbers, our readers will be able to get an idea of the overall threat landscape of the ransomware ecosystem. Jiho Kim, a researcher at S2W, provides reports representing her team’s work regarding threat intelligence.
Takeaways
In June 2023:
- A total of 425 companies had their data uploaded onto leak sites by ransomware groups. This is a great increase from last month, which recorded 327 companies.
- CLOP turned out to be the most active ransomware group for the first time in these reports, uploading 87 companies’ data onto their leak sites. LockBit, which remained in the top seat for seven consecutive months, ranked in second place, exposing 62 companies’ data.
- The manufacturing industry turned out to be the most targeted industry, with 65 companies falling victim to ransomware groups. The second most targeted industry was the business service industry, having 58 companies as ransomware victims. Almost all industries experienced increased ransomware attacks, with one exception being the education industry.
Specifics
Newly discovered or changed data leak sites in June 2023
Ransomware groups and their activities in June 2023: Percentage of each ransomware group in companies that were uploaded onto data leak sites (number of companies)
Top five countries by number of leak sites their data appeared on
Top five industries by number of leak sites their data appeared on
Editor’s note: The Readable will no longer publish the monthly ransomware index report after this month due to internal process development. By publishing eight consecutive reports so far, The Readable and S2W have helped the world to understand the ransomware threat landscape better. The Readable is currently drafting a different format for reports to provide readers with deeper insight into the cybersecurity industry.