More than half of all ransomware attacks worldwide are carried out by six criminal groups. Belgium ranks tenth among the most affected countries in 2024, with 21 attacks in the first half of the year.
A report by UNIT 42, Palo Alto Networks’ research group, shows that six ransomware groups are responsible for 53 percent of all ransomware attacks worldwide. The researchers analyzed 1,762 posts on leak sites, where cybercriminals publish stolen data. This number increased by four percent compared to the same period in 2023.
Ransomware groups
Currently, there are 53 active ransomware groups worldwide. The six most active groups, including Flighty Scorpius with the LockBit 3.0 ransomware, Fiddling Scorpius with Play, and Dark Scorpius with BlackBasta, together account for more than half of all attacks. Many of these groups have ties to Russia. For example, the U.S. government has offered a reward for information on Dmitry Khoroshev, the suspected leader of Flighty Scorpius.
read also
Belgium in top 10 ransomware attacks worldwide by 2024
Industry and healthcare
Hackers are primarily targeting industries most affected by shutdowns. Manufacturing remains the biggest target with 16 percent of all attacks in the first half of 2024. Healthcare experienced a sharp increase in attacks and ranks second with 10 percent. Construction follows in third place with 9 percent.
Belgium in top 10
Although the United States suffers the largest number of attacks (52%), followed by Canada and the UK, Belgium ranks 10th worldwide with 21 ransomware attacks in the first half of 2024. This represents one percent of all attacks.
read also
Belgium in top 10 ransomware attacks worldwide by 2024
The data is based on analysis of the dark web and may not give the full picture because not all victims see their data appear on leak sites.