• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
Network Security, News

Report: Ransomware Attacks Fall as Groups Restructure

New analysis from NCC Group suggests that despite a drop in the number of ransomware attacks, new threat actors are emerging.

September 27, 2022 Zachary Comeau Leave a Comment

Microsoft Fortra healthcare ransomware
stock.adobe.com/santiago silver

New analysis from NCC Group suggests that despite a drop in the number of ransomware attacks, new threat actors are emerging and older ones are evolving.

According to the company’s Global Threat Intelligence team, the number of ransomware attack victims dropped 19% in August, from 198 to 160 reported incidents, continuing a trend from July, when ransomware attacks dropped 47% from the previous month due in part to the disbanding of ransomware group Conti.

This also continues the downward trajectory in ransomware attacks that NCC Group has reported since the spring. In addition to Conti, the company says other groups such as ALPHV and Hiveleak have also scaled down attacks, making LockBit the only consistent presence in the threat landscape last month.

According to the company, Lockbit 3.0 accounted for 40% of all incidents in August, making it the most threatening ransomware group last month. The ransomware gang’s 64 incidents reflect a spike in activity following the rebrand from Lockbit 2.0 in June.

NCC Group notes that a new threat actor, IceFire, has emerged onto the scene, amassing 10 victims in just its first month of activity and making NCC Group’s top three list of threat actors for August. Little is known about the group, but its high volume of attacks in an indicator that the group is made up of operators with prior experience in the ransomware ecosystem.

Technology IceFire’s its most targeted sector, accounting for 90% of total attacks, with the software and IT services industries accounting for 80% of these victims. The majority of victims offer web hosting services, suggesting the group is a highly selective addition to the threat landscape, according to NCC Group.

“While there is a slight reduction in the volume of attacks in August, there have been some considerable changes among threat groups in particular,” says Matt Hull, global head of Threat Intelligence at NCC Group. “Lockbit 3.0 appears to be re-establishing its operations since rebranding in June, while Conti-affiliated BlackBasta looks to be establishing itself within the ransomware landscape following Conti’s operations rebranding.”

Overall, industrials continue to be the most targeted sector with 55 total incidents (34%) in August, followed by followed by consumer cyclicals (18%), and technology organizations (14%).

The company also highlighted Sandworm, a state-sponsored threat actor aligned with Russian state interests that has recently been focusing its attacks on Ukraine.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: NCC Group, ransomware

Related Content:

  • Cloud, SASE, Aryaka How the Cloud is Redefining Media Production and…
  • Singlewire Software mass notification interview Singlewire Software on Mass Notification Solutions
  • URI catchbox 1 Catchbox Plus: The Mic Solution That Finally Gave…
  • Engaging virtual meeting with diverse participants discussing creative ideas in a bright office space during daylight hours Diversified Survey: Workplace AV Tech is Falling Short,…

Free downloadable guide you may like:

  • Download TechDecisions' Blueprint Series report on Security Awareness now!Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

    Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared to defend against them in this report from TechDecisions' Blueprint Series.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.