Last updated on January 15th, 2024 at 04:28 am
According to data from eCrime.ch, 390 organizations were listed on ransomware leak sites in August. This is approximately an 18% decrease from July, which saw 478 organizations listed. The top five most targeted sectors in August were law (21), IT (18), construction (15), education (12), and government (11).
125 of the victim organizations, 32% of the total, were listed by one ransomware gang: LockBit. LockBit was far more prolific than even the second most active gang, Alpha VM, who claimed 38 organizations. Akira, 8Base and Cloaked rounded out the top five most active gangs, with these groups respectively listing 35, 32, and 24 victims.
LockBit got a taste of its own medicine when John DiMaggio, chief security analyst at Analyst1, exposed some of the gang’s “secrets” in a report released on August 13th. According to DiMaggio, LockBit has had trouble carrying through on its threats to publish stolen company data, thanks to storage and bandwidth problems with its data leak site.
DiMaggio also reported that LockBit may have been hacked, and had been attempting to steal ransomware variants from other criminal groups.
Cl0p gets creative
Ransomware gangs usually publish stolen data on their dark web leak sites, but downloading data from the dark web can be slow. To fix this problem, Cl0p started using torrents to distribute the data.
A test by Bleeping Computer confirmed the torrents allowed for quicker data transfer. Lawrence Abrams, Editor-in-Chief of Bleeping Computer, also noted torrents are decentralized, making them difficult to shut down. Perhaps this means torrents will become a popular choice for ransomware groups from now on.
White House summit
At the summit, the administration highlighted a recent FCC proposal to provide $200 million of funding to improve cybersecurity in schools. It also revealed a plan to create a council to improve collaboration between the government and the education sector. Technology companies, including Amazon Web Services, Cloudflare, and Google, are also providing “free or low-cost” resources to assist school districts.
Despite a dip in the number of organizations listed on leak sites in August, ransomware continues to be a big problem. This is bad news for consumers, as it’s often our data that is stolen during these attacks!