June 20, 2024 at 10:22AM
LockBit ransomware group boasted a 665% increase in attack volume in May 2024, reclaiming its spot as the most active gang. Despite disruptions by law enforcement earlier in the year and a subsequent $10 million reward announcement, their activities have rebounded, with a significant uptick in attacks globally. The group’s resilience and reach are a cause for concern.
Based on the meeting notes, the LockBit ransomware group has claimed a significant increase in attack volume in May 2024, making it once again the most active ransomware gang. The US government has announced a $10 million reward for information on LockBit leaders and has taken action against individuals associated with the gang. In late February, the LockBit operators launched a new leak site and continued targeting organizations worldwide at a slower pace. However, in May, LockBit became the most prominent ransomware group, accounting for 176 attacks, representing a 665% increase in attack volume.
NCC Group threat intelligence head Matt Hull suggested that amidst law enforcement action, LockBit might have retained its skilled affiliates, attracted new ones, and signaled their determination to persist. Alternatively, the group might be inflating their numbers to conceal the true state of their organization.
The number of ransomware attacks globally increased significantly in May, with LockBit becoming the most prominent ransomware group. The industrial sector was targeted the most, followed by the technology sector. Additionally, the number of attacks against organizations in South America and Africa increased significantly in May.