cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

The weekly ransomware report, Friday, 9 February

Attacks remain steady this week as LockBit continues to dominate the ransomware landscape.

user icon David Hollingworth
Fri, 09 Feb 2024
The weekly ransomware report, Friday, 9 February
expand image

Ransomware attacks have remained relatively steady this week, with just a slight 3 per cent rise to 68 attacks compared to the last seven-day period we looked at.

This is based upon a slight uptick in activity from LockBit, which is responsible for more than a quarter of all attacks, with 18 victims observed. But the second-most active gang this week has been Play, which charged into the top five with 13 attacks of its own. An alarming effort, given that in January, the group had claimed only five scalps.

In the longer term, though, attacks within the last 30 days have trended upward for the first time this year, up 22 per cent to 320 incidents. The three-month figure remains on a downward trend, however.


8Base was responsible for 11 incidents, Akira five, and BianLian three – all players we’ve seen jockey in the top five.

The US remained the most targeted country in terms of observed and reported ransomware incidents, with 35 attacks – the same as the last period we looked at. The United Kingdom overtook France with seven attacks, and Austria and Canada both scored the same, all with two incidents each.

Australia may be out of the top five, but we may not have gotten away cleanly. Dietary supplement retail Elite Supplements reported that it may have fallen victim to an attack, though no operator has yet taken responsibility for the attack.

Manufacturing and accounting remain heavily targeted, but they do drop a few positions. The most targeted industry this week was building and construction. Eight companies in this sector fell victim to ransomware. Transportation was next with six victims, while the two aforementioned industries saw five and four victims succumb, respectively. Three telcos were also hit.

It’s interesting watching this list change so much from week to week. There are clearly some industries with possibly legacy systems struggling to keep up, but largely, the victimology is rather random.

Just the numbers
Sixty-eight attacks in the last seven days, up 3 per cent from last week.

Threat actors

LockBit – 18 ransomware attacks, 26 per cent of total
Play – 13 (new entry)
8Base – 11
Akira – 5
BianLian – 3

Countries impacted

USA – 35 organisations targeted – same
UK – 7
Austria – 2
Canada – 2
France – 2


Building and construction – 8
Transportation – 6
Manufacturing – 5
Accounting – 4
Telcos – 3

A total of 3,865 ransomware findings so far this year and 57 threat groups tracked.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.