随着勒索软件生态系统不断变化,不论此前勒索软件行业以及 RaaS 规范如何运作,研究人员预计勒索软件攻击将呈上升趋势。
GuidePoint Security's research report shows that in the first quarter of 2024, there was a significant increase in the number of active ransomware-as-a-service (RaaS) groups, from 29 in Q1 2023 to 45 in Q1 2024, a 55% increase. RaaS groups are actively recruiting other ransomware organizations. The report also reveals a change in behavior patterns of ransomware organizations after law enforcement activities, with more focus on previously "off-limits" organizations and industries such as emergency hospitals. The report predicts a more turbulent second quarter as the ransomware ecosystem becomes increasingly unstable. The most active ransomware groups are LockBit, Blackbasta, and Play. The manufacturing, retail and wholesale, and healthcare industries were the most affected by ransomware in Q1 2024. The US is the largest target country for ransomware, with over half of the observed victims coming from the US. The report concludes that ransomware attacks are expected to continue to rise.