Ransomware attacks witnessed a significant increase in Q2, with REvil and DarkSide leading the surge, as per a recent report

In the ever-evolving digital landscape, ransomware attacks remain a significant concern for organisations worldwide. Here's a roundup of the latest developments in the ransomware arena.

Researchers have recently unveiled LockBit 2.0, an updated version of the LockBit ransomware that emerged in 2020. This newer variant reportedly accesses systems using the remote desktop protocol and automatically encrypts data across the domain in preparation for exfiltrating information.

Meanwhile, a new player in the ransomware scene, BlackMatter, made its debut in July. It was linked to a recent attack against a farm cooperative in Iowa during late September. However, the available information does not specify which organisation was behind this attack.

One of the most high-profile ransomware incidents this quarter was the attack on Colonial Pipeline, a major fuel supplier in the U.S. The DarkSide organisation was linked to this attack in early May. Interestingly, DarkSide temporarily vanished amid increased pressure from law enforcement and U.S. government pressure.

The financial services sector has been the most active in terms of cloud threats during the quarter, accounting for 50% of the top 10 cloud incidents, according to a report. The sector was also the most targeted by ransomware families during the second quarter, with the REvil/Sodinokibi ransomware family responsible for 73% of ransomware detections, as per a report by McAfee Enterprise.

The telecom, energy, and media and communications sectors followed government agencies as the most targeted sectors during the quarter. Notably, the JBS USA beef and poultry supplier and IT platform Kaseya were among the targets of REvil/Sodinokibi ransomware attacks.

Federal officials have recently warned of threats against agricultural and food industry targets, adding another layer of concern to the ongoing ransomware threat landscape.

In an attempt to curb the spread of ransomware, two of the top underground forums, XSS and Exploit, announced bans on accepting ransomware advertising during the quarter.

Raj Samani, chief scientist at McAfee Enterprises, wrote in a new blogpost about the alleged connection between DarkSide and BlackMatter. McAfee Enterprise officials agreed that the sudden appearance of the BlackMatter group was more than a coincidence.

As the battle against ransomware continues, it's crucial for organisations to stay vigilant and implement robust cybersecurity measures to protect their systems and data.