Trend Micro has been monitoring the leak sites of multiple ransomware groups since November 2019 and continuously looking at the number and composition of organizations that have been victimized and whose information has been publicized by these groups. As a result of their research thus far, Conti and LockBit stand out in terms of their total numbers of affected organizations. The researchers’ goal was to show how applying data analysis approaches to this data can give powerful understanding on the operations and perhaps even decision-making of these cybercriminals groups — a topic they will also be presenting on this week at the 34th Annual FIRST Conference in Dublin, with colleagues from Waratah Analytics. While some reports indicate the Conti brand is now offline, its scale continues to make it an excellent case study for these approaches.
When Trend Micro rank the top 10 ransomware groups in terms of the number of organizations that had their data leaked (from November 2019 to March 2022), they see two clear leaders. In fact, Conti and Lockbit between them account for almost 45% of all incidents.
Source: Trend Micro