While on the whole the ransomware landscape remained fairly stable between March and April, a new analysis shows a sizable hike in attack activity from the CLOP ransomware group.
The NCC Group April Threat Pulse update says that the CLOP ransomware group leapfrogged from dead last to the fourth most active group for the month, a 2,100% increase over March.
The industrial sector was most targeted in April, suffering 35% of ransomware attacks, followed by consumer cyclicals (19%) and technology (10%), according to NCC.
CLOP appears to favor targeting the industrial and technology sector, the researchers warn.
“The increase in CL0P’s activity seems to suggest they have returned to the threat landscape,” Matt Hull, global lead for strategic threat intelligence at NCC Group, said in a statement about the new ransomware group activity findings. “Organizations within CL0P’s most targeted sectors — notably industrials and technology — should consider the threat this ransomware group presents, and be prepared for it.”