Report: Intel 471 reports decrease in ransomware attacks in 3Q 2022

According to the Intel 471 Leading Ransomware Variants in Q3 of 2022 report, 27 ransomware variants were used to conduct 455 attacks from July 2022 to September 2022. That’s a decrease of 38 attacks from the second quarter of 2022 and 134 from the first quarter of 2022. The most prevalent ransomware strain in Q3 2022 was LockBit 3.0, which was responsible for 42% of all reported incidents. It was followed by Black Basta at 11%, Hive at 9% and ALPHV at nearly 7%.

>>Don’t miss our special issue: Zero trust: The new security paradigm.<<

The latest report from Intel 471 highlights how many victims, countries, sectors and industries have been impacted by the 27 different ransomware variants that appeared in Q3 2022. With the fall of the Conti ransomware group earlier this year, Intel 471’s report also includes a deep dive into the impact of the four emerging variants that pose the largest threats to countries such as the United States and the United Kingdom, including LockBit 3.0 and Black Basta.

Intel 471 researchers’ observations of ransomware attacks in the third quarter of 2022 showed that the variants collectively targeted 111 organizations in July, 162 in August and 182 in September. The LockBit variant has remained the most impactful ransomware service, with 192 attacks, for the fourth consecutive quarter beginning with the third quarter of 2021. Following LockBit 3.0, 50 attacks were associated with Black Basta, 42 with Hive and 30 with ALPHV.

Other ransomware variants observed conducting multiple ransomware attacks this quarter in descending order were AvosLocker, Vice Society, STORMOUS RANSOMWARE, RansomHouse, Quantum and LV, each accounting for 32 or fewer breaches.

The research found that attacks impacting the consumer and industrial products sector in Q3 2022 decreased by 14% from Q2 2022. However, this sector continued to be the most impacted this quarter, as it was in both Q1 and Q2 2022. The second-most-impacted sector from July 2022 to September 2022 was professional services and consulting, followed by manufacturing. These sectors also were in the top four most impacted sectors in Q3 and Q4 2021 and in Q1 and Q2 2022. This indicates there was no significant difference in the primary impacted sectors over the course of 2021 and 2022 thus far.

According to Intel 471, the most-impacted region in the third quarter of 2022 was North America, amounting to 43% of all reported attacks. This was followed by Europe at 33%, Asia at just under 11% and South America at 4%. These percentages remained nearly constant from the previous quarter.

Read the full report from Intel 471.