Lockbit ransomware victims more than double in February

The Lockbit ransomware group claimed 129 victims in February, more than double the 50 that was reported in January.

The latest ransomware report from GuidePoint Security shows that another RaaS group, AlphV, also significantly increased its reported monthly victim count from 20 to 31.

The data also shows some shifts in the industries being targeted by ransomware groups. The food and beverage sector saw a significant increase from four victims in January to 17 in February, possibly due to its high dependence on operational continuity and customer service. The banking and finance sector also saw an increase from nine to 19 victims, reflecting its attractiveness for cybercriminals looking to monetize their activity. Engineering increased from one to eight victims, suggesting that ransomware groups may be targeting sectors looking for valuable intellectual property and sensitive data.

Geographically the United States took the majority of the hits, going from 62 victims in January to 117 in February, demonstrating its vulnerability to ransomware attacks across various industries and regions. Italy and France increased by six and five respectively. The UK, however, saw the most significant decrease, from 20 victims in January to 14 in February. Overall, ransomware groups targeted victims in 48 countries during February, an increase from the 38 countries attacked in January.

"February of 2023 has, as predicted, shown to be a 'bounce back' month after a significant reduction in victims around the December and January timeframe," writes Guidepoint threat intelligence analyst Nic Finn on the company's blog. "A relative lull of posted victims followed by a sharp increase midway through Q1 is a pattern that has now repeated itself two years in a row according to our previously collected data."

You can read more on the GuidePoint blog.

Image credit: AndreyPopov/depositphotos.com