Power Rankings: Ransomware Malicious Quartile
Ransomware attacks continue to be extremely lucrative, with ransom demands and recovery costs bleeding victim organizations for millions of dollars. And things change fast in this space – RaaS groups rise and fall with law enforcement takedowns, or disband and reorganize under different brands, so it can all be a little confusing. Each quarter, the Halcyon team of ransomware experts put together a RaaS power rankings guide for the ransomware threat landscape
Most recent quartiles
Ransomware attacks continue to plague nearly every major business sector as well as state and local Governments. The relentless pace of attacks brings into question whether organizations fully understand the threat and what steps need to be taken to reduce the risk of costly disruptions.
There need to be real consequences – not just for those who are orchestrating the attacks and benefitting financially, but also for the nation-states who are benefiting geopolitically. Until there are real consequences on the table, we will see these attackers continue to brazenly act with impunity.
The Halcyon team of ransomware experts has put together this extortion group power rankings guide as a quick reference for the extortion threat landscape based on data from throughout Q2- 2024.
Ransomware attacks in 2023 broke nearly all previous records, with the majority (75%) of organizations reported being targeted by at least one ransomware attack, and 26% reporting they were targeted with ransomware four or more times. But the first quarter of 2024 is telling a bit of a different story, with some research indicating that ransomware attacks may have decreased by 20% or more from levels observed in the last quarter of 2023. Several factors may be at play in prompting the drop in attacks, including law enforcement actions against two of the top ransomware-as-a-service (RaaS) platform providers — LockBit and BlackCat/ALPHV — as well as a push by governments and some security experts to ban ransomware payments.
Ransomware remains one of the most significant threats to organizations of all sizes in all industry verticals. Following a bit of a lull the previous year, the first half of 2023 saw more victims impacted by ransomware attacks than in all of 2022 as threat actors continue to leverage Ransomware-as-a-Service (RaaS) platforms to execute their attacks. The vast majority (75%) of organizations reported being targeted by at least one ransomware attack in 2023, with 26% reporting they were targeted with ransomware four or more times.
Ransomware poses an existential threat to organizations of all sizes in any vertical. Ransomware attacks continue to be extremely lucrative, with ransom demands and recovery costs bleeding victim organizations for millions of dollars.
Ransomware-as-a-Service (RaaS) and other operators are implementing novel evasion techniques into their payloads specifically designed to evade or completely circumvent traditional endpoint protection solutions.
More than 2,300 organizations succumbed to ransomware attacks in just the first half of 2023 according to the most recent data, with the vast majority carried out by only three ransomware operators: LockBit(35.3%), ALPHV/BlackCat (14.2%), and Cl0p (11.9%).
Overall, ransomware attacks were up 74% in Q2-2023 over Q1 volumes.
Over the course of 2022, 85% of companies were the victim of at least one ransomware attack, and 74% had experienced multiple attacks. Ransomware has fast become the greatest risk to organizations today.
Ransomware attacks continue to be extremely lucrative, with ransom demands and recovery costs bleeding victim organizations for millions of dollars.
Looking for Past Quartiles?
Compare previous quarters to see where groups did the most damage from past attacks. Discover when specific groups fell off the map. Find historical ransomware operator knowledge and more.
Visit Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing near real-time ransomware tracking of attacks, groups and their victims. Given threat actors' overarching. lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
Calculate your risk exposure to ransomware
Return on Investment (ROI) is one of the most important metrics in your business. Cybersecurity is no exception. Modern solutions, like Halcyon's multi-layered protection with endpoint resilience, saves you from new ransomware threats, while saving your bottom line too.
Witness Halcyon stop the most recent ransomware
The Halcyon Anti-Ransomware Platform is the industry’s first dedicated, adaptive security purpose-built to stop ransomware. Halcyon is a lightweight agent, built by attackers to stop attackers, combining multiple proprietary advanced prevention engines along with AI models trained specifically on ransomware TTPs.