According to a report from the NCC Group’s threat intelligence team, LockBit 2.0 has continued to be the top infecting ransomware group, with 40% of May’s attacks being carried out by them, followed by Hive and Black Basta, totaling 7%. May saw an 18% drop in attacks, which is likely due to the shutdown of Conti ransomware. As the group rebrands and begins to work with other smaller groups, it will be an interesting shift to see if any of the smaller brands will begin to make up for the decline in attacks. The findings also show that industrial and critical infrastructure remain one of the most attractive targets.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in